15 posts
Posted 17 April 2013 - 10:51 AM
Hello,
Im CrosS_Light and im trying to Create my OWN OS.
I will show you my Ideas:
BukkitOS
[indent=1]Account System[/indent]
[indent=2]I will Incloude an Account System for my own AppStore[/indent]
[indent=1]Antivirus[/indent]
[indent=2]This is Very esay i will check for commands that are in the Blacklist and[/indent]
[indent=2]will Show the User wat the Program can do[/indent]
[indent=1]Themes[/indent]
[indent=2]I will that YOU can create your OWN Styles and Upload them to the AppStore[/indent]
[indent=1]Languages[/indent]
[indent=2]I mustn't talk about that[/indent]
[indent=1]Screen[/indent]
[indent=1]Librarys[/indent]
[indent=2]-You can Load Librarys for the OS and put them into the Librarys Folder[/indent]
[indent=1]Startup[/indent]
[indent=2]while the system will startup it loads all Librarys checks for update and checks all files[/indent]
I need some Helper for The OS
if any one want to be one please write me
if any one has an idea please poste that here
CrosS_light
1583 posts
Location
Germany
Posted 17 April 2013 - 10:58 AM
I can make a German translation ^_^/>
1190 posts
Location
RHIT
Posted 17 April 2013 - 11:01 AM
If you do an "antivirus", don't use string.find or any such thing. It's almost impossible to block every possible string form of a function. Instead, use function replacement.
1214 posts
Location
The Sammich Kingdom
Posted 17 April 2013 - 11:04 AM
If you do an "antivirus", don't use string.find or any such thing. It's almost impossible to block every possible string form of a function. Instead, use function replacement.
I think sandboxing is a better term than function replacement. For instance, to sandbox a program you can easily override the functions you don't want them to use and replace them with functions that restrict usage of the functions on certain parts of the computer.
1190 posts
Location
RHIT
Posted 17 April 2013 - 11:10 AM
If you do an "antivirus", don't use string.find or any such thing. It's almost impossible to block every possible string form of a function. Instead, use function replacement.
I think sandboxing is a better term than function replacement. For instance, to sandbox a program you can easily override the functions you don't want them to use and replace them with functions that restrict usage of the functions on certain parts of the computer.
… How is what you just said not function replacement? :P/>
If by sandboxing you mean using setfenv to change the environment, that would be good if you only wanted users to be able to run a few things. Otherwise, I feel like it's excessive.
And honestly, in general, I don't feel a need for an "antivirus". I can read every program that people write, and if I don't understand it then I won't run it. Simple as that :)/>
1214 posts
Location
The Sammich Kingdom
Posted 17 April 2013 - 11:16 AM
If you do an "antivirus", don't use string.find or any such thing. It's almost impossible to block every possible string form of a function. Instead, use function replacement.
I think sandboxing is a better term than function replacement. For instance, to sandbox a program you can easily override the functions you don't want them to use and replace them with functions that restrict usage of the functions on certain parts of the computer.
… How is what you just said not function replacement? :P/>
If by sandboxing you mean using setfenv to change the environment, that would be good if you only wanted users to be able to run a few things. Otherwise, I feel like it's excessive.
And honestly, in general, I don't feel a need for an "antivirus". I can read every program that people write, and if I don't understand it then I won't run it. Simple as that :)/>
I just think calling it sandboxing sounds better. But I agree that you really don't need an "anti-virus".
1190 posts
Location
RHIT
Posted 17 April 2013 - 11:18 AM
If you do an "antivirus", don't use string.find or any such thing. It's almost impossible to block every possible string form of a function. Instead, use function replacement.
I think sandboxing is a better term than function replacement. For instance, to sandbox a program you can easily override the functions you don't want them to use and replace them with functions that restrict usage of the functions on certain parts of the computer.
… How is what you just said not function replacement? :P/>
If by sandboxing you mean using setfenv to change the environment, that would be good if you only wanted users to be able to run a few things. Otherwise, I feel like it's excessive.
And honestly, in general, I don't feel a need for an "antivirus". I can read every program that people write, and if I don't understand it then I won't run it. Simple as that :)/>
I just think calling it sandboxing sounds better. But I agree that you really don't need an "anti-virus".
Oh I see. Missed the word "term" in your reply XD I thought you were saying that you should sandbox instead of function replace.
15 posts
Posted 17 April 2013 - 11:41 AM
I will take al look but i will first do it with strin.find and then i will try sandboxing.
Clueless Freack100Spricht du Deutsch?
1190 posts
Location
RHIT
Posted 17 April 2013 - 11:51 AM
I will take al look but i will first do it with strin.find and then i will try sandboxing.
Clueless Freack100Spricht du Deutsch?
Err, sorry mate but string.find is probably the absolute worst method of antivirus there is around. Watch this. No matter what kind of string finder you use I will still be able to get around it:
--The string you are searching for here is 'sleep'
local function getCommand()
local final = ""
for i,v in ipairs({115, 108, 101, 101, 112}) do
final = final..string.char(v)
end
return final
end
loadstring("caller = "..getCommand())
caller(3) --Caller now calls the sleep command.
15 posts
Posted 17 April 2013 - 11:53 AM
i know but i dont know how sandboxing works
can you help me?
p.s.
{115, 108, 101, 101, 112} <—- This is NICE!
1190 posts
Location
RHIT
Posted 17 April 2013 - 12:02 PM
i know but i dont know how sandboxing works
can you help me?
p.s.
{115, 108, 101, 101, 112} <—- This is NICE!
Sure :)/>
Function replacement, or sandboxing as some like to call it, is actually pretty simple. All you have to do is:
local _oldPrint = print --Save the print function so we can use it later
local function yourReplacementFunction(args)
if args == "invalid" then
_oldPrint("Hey. I don't want you to say that.")
return false
end
_oldPrint(args)
end
print = yourReplacementFunction
Now, whenever people use the print function, it will call yourReplacementFunction instead :)/> And because _oldPrint is localized, programs outside of the OS will not be able to use it. You can also use environments to protect it from inside the program, but that's more of an advanced concept that I wouldn't bother messing with until you're further along. If you want to check it out, here's a link to a tutorial:
http://www.lua.org/pil/14.html
15 posts
Posted 17 April 2013 - 12:06 PM
that means if i use it like so
local _oldPrint = fs.delete
local function fs.delete(args)
if args == "invalid" then
_oldPrint("This will output an error :D/>")
return false
end
_oldPrint(args)
end
print = fs.delete
1190 posts
Location
RHIT
Posted 17 April 2013 - 12:07 PM
that means if i use it like so
local _oldPrint = fs.delete
local function fs.delete(args)
if args == "invalid" then
_oldPrint("This will output an error :D/>")
return false
end
_oldPrint(args)
end
print = fs.delete
Well yeah that "works" as in it will run, but you didn't take away the fs.delete function. You took away the print function. I think you're looking for something like this:
local oldDelete = fs.delete
fs.delete = function(...)
--Limit what goes into fs.delete here
return fs.delete(...)
end
15 posts
Posted 17 April 2013 - 12:09 PM
oh yahh i see it the last line right?
1190 posts
Location
RHIT
Posted 17 April 2013 - 12:10 PM
oh yahh i see it the last line right?
Yup. The main part of function replacement is actually doing the replacement :)/> All the other stuff is just making sure that you're able to call the old function and creating an alternative for them to call instead.
15 posts
Posted 17 April 2013 - 12:12 PM
Okay thanks i will Try it and give Credits for Helping :D/>
1511 posts
Location
Pennsylvania
Posted 17 April 2013 - 12:16 PM
Just out of curiosity, why is this called BukkitOS?
15 posts
Posted 17 April 2013 - 12:19 PM
first it was call'd LiquidOS but i have see that the name is from an other os and so i call id bukkitOS :D/>
If i have the First Screens i will post some screens
i will load the sandbox as an API
so i can use it in other programs
15 posts
Posted 17 April 2013 - 12:44 PM
local FS_oldOpen = fs.open
local FS_oldDelete = fs.delete
local FS_oldCopy = fs.copy
local FS_oldMove = fs.move
local FS_oldMakeDir = fs.makeDir
local IO_oldOpen = io.open
local OS_oldLoadApit = os.loadAPI
local OS_oldUnloadApi = os.unloadAPI
local OS_oldShutdown = os.shutdown
local OS_oldReboot = os.reboot
local OS_oldSleep = os.sleep
local OS_oldRun = os.run
local SHELL_oldSetDir = shell.setDir
local SHELL_oldSetAlias = shell.setAlias
local SHELL_oldClearAlias = shell.clearAlias
local SHELL_oldRun = shell.run
This will be Secure :D/>
15 posts
Posted 17 April 2013 - 12:59 PM
why can i get the programm that runs the command? i will add Whitelist and Blacklist
1214 posts
Location
The Sammich Kingdom
Posted 17 April 2013 - 01:03 PM
why can i get the programm that runs the command? i will add Whitelist and Blacklist
What?
15 posts
Posted 17 April 2013 - 01:10 PM
i need the path of that program that runs the fs.delete command
1214 posts
Location
The Sammich Kingdom
Posted 17 April 2013 - 01:13 PM
Modify shell.run so instead of instantly running a script it is put into the sandbox before hand.
15 posts
Posted 17 April 2013 - 01:26 PM
i want the path of the file when it is running
function lol()
fs.delete("lol")
end
lol()
I want if i run this code in one file that i get the name of the file in the fs.delete action
1214 posts
Location
The Sammich Kingdom
Posted 17 April 2013 - 01:36 PM
i want the path of the file when it is running
function lol()
fs.delete("lol")
end
lol()
I want if i run this code in one file that i get the name of the file in the fs.delete action
shell.getRunningProgram() Will give you the name.
645 posts
Location
'Merica
Posted 17 April 2013 - 06:24 PM
do when posting code…. it looks better.
EDIT: Oh and Sammich Lord, nice signature.
1583 posts
Location
Germany
Posted 17 April 2013 - 07:01 PM
I will take al look but i will first do it with strin.find and then i will try sandboxing.
Clueless Freack100Spricht du Deutsch?
Klar spreche ich Deutsch ^^
ofcourse I speak german ^^
148 posts
Posted 18 April 2013 - 06:41 AM
i want the path of the file when it is running function lol() fs.delete("lol") end lol() I want if i run this code in one file that i get the name of the file in the fs.delete action
function shell.run(file, ...)
file = tostring(file)
if not fs.exists(file) then
error(file..": File not found")
end
env = {yourReplacedFunctions}
env._api = fs.getName(file)
local success, param = loadfile(file)
if not success then
error(param)
end
setfenv(param, env)
local success, err = pcall(param, ...)
if not success then
error(err)
end
end
function fs.delete(file)
--Your code
if not valid then
error(tostring(getfenv(2)._name)..": You don't have permission to delete that file!")
end
end
…That should work…
15 posts
Posted 18 April 2013 - 10:44 AM
thanks i will test it
Freack willst du mir generell helfen?
programName = shell.getRunningProgram()
print(programName) -- In Prints Sandbox but i will See se name of that programm that runs Sandbox
1583 posts
Location
Germany
Posted 18 April 2013 - 10:59 AM
thanks i will test it
Freack willst du mir generell helfen?
programName = shell.getRunningProgram()
print(programName) -- In Prints Sandbox but i will See se name of that programm that runs Sandbox
Yea, if I can help, I will help ^_^/>
Ja, falls ich helfen kann werde ich helfen ^_^/>
15 posts
Posted 18 April 2013 - 11:07 AM
I will now build the securety system :D/>
it will be save :D/>
Freack
Do you have skype?
Hast du Skype?
1583 posts
Location
Germany
Posted 18 April 2013 - 11:14 AM
Yes and no ^_^/>
yes cuz I have skype
No cuz I can't use skype
15 posts
Posted 18 April 2013 - 12:32 PM
Hey i need Help that Dosn't work!
http://pastebin.com/mGfMYZRHI dont know
i have only fs.open and if i load that as an API the Computer will stay and crash
15 posts
Posted 19 April 2013 - 11:58 AM
can any one help me?
1583 posts
Location
Germany
Posted 20 April 2013 - 11:24 AM
can any one help me?
I can look over your code. Simple send it to me (not pastebin)
1214 posts
Location
The Sammich Kingdom
Posted 20 April 2013 - 11:29 AM
can any one help me?
I can look over your code. Simple send it to me (not pastebin)
I believe he was referring to the above post.
587 posts
Location
Wrocław, Poland
Posted 20 April 2013 - 11:32 AM
-snip-
Nevermind. . .
8543 posts
Posted 20 April 2013 - 11:51 AM
No code. Locked.