This is a read-only snapshot of the ComputerCraft forums, taken in April 2020.
Iredstone7648's profile picture

Hacking an OS

Started by Iredstone7648, 19 January 2017 - 09:43 PM
Iredstone7648 #1
Posted 19 January 2017 - 10:43 PM
Hello Everyone!

I am currently working on an operating system and came across the problem of hacking. Once the user is in, he can use the text editor to edit system files such as password storage, password checks, or anything he chooses.
I would really appreciate any solutions to this problem! Thanks for checking out my post!
Lyqyd #2
Posted 19 January 2017 - 10:49 PM
The computer belongs to the user. Why should she be prevented from editing whichever files she chooses? I'm of the opinion that the user should be allowed to perform any actions he chooses to.

It sounds like you may want to set up some system that uses access control lists to conditionally allow or deny file read/write operations based on user accounts, though.
Iredstone7648 #3
Posted 19 January 2017 - 11:21 PM
Well, say you get a floppy disk and bypass startup. This could be done by anyone. All they would have to do is go in with the shell and edit the files to have instant access.
Edited on 19 January 2017 - 10:22 PM
KingofGamesYami #4
Posted 19 January 2017 - 11:25 PM
If they bypass startup there is literally nothing you can stop them from doing.
Lyqyd #5
Posted 19 January 2017 - 11:27 PM
Yes, that's true. It also accurately mirrors the situation in the real world, where if an attacker gains physical access to a system, they can do essentially anything they want to it.
Iredstone7648 #6
Posted 19 January 2017 - 11:38 PM
Ok thanks guys. I was looking into modifying fs.isReadOnly but that would only work for my ROM file. Other than that, there's nothing more to do.
Edited on 19 January 2017 - 10:38 PM
Bomb Bloke #7
Posted 20 January 2017 - 12:23 AM
Although local access to a system and sufficient time allows most any action, that doesn't mean you have to give away your user's passwords. Consider researching password hashing.
exosceleton #8
Posted 20 January 2017 - 07:25 AM
You could instead of overwriting os.isReadOnly, overwrite the fs functions such as fs.list and fs.open to only detect/allow access to non system files.
Piorjade #9
Posted 20 January 2017 - 02:02 PM
settings.set("shell.allow_disk_startup", false)
Sewbacca #10
Posted 20 January 2017 - 08:51 PM
Ok thanks guys. I was looking into modifying fs.isReadOnly but that would only work for my ROM file. Other than that, there's nothing more to do.

It seems like, you are looking for FSector.
You can create two files systems. An OS system, access to everything and an user system, just access to user files.
So while the system is running, you cannot gain access to system files.
Bomb Bloke #11
Posted 21 January 2017 - 12:47 AM
settings.set("shell.allow_disk_startup", false)

That will not prevent users from picking the computer up and slotting it into a disk drive.
houseofkraft #12
Posted 22 January 2017 - 12:52 AM
If you want a way to make files read-only, you just need to paste this script into a file


local protected = {
   "rom",
   "path/to/protected/file",
   "maybe/another/path"
}

function tableFind(arr, text)
	 local found = false
	 for k,v in pairs(arr) do
	    if v == text then
		  found = true
	    end
	 end
	 return found
end

fs.isReadOnly = function(path)
   return tableFind(protected, path)
end

local oldOpen = fs.open
fs.open = function(file, mode)
  if tableFind(protected, path) then
   oldOpen(file, "r")
 else
   oldOpen(file, mode)
 end
end -- Sorry about the indentation problem

local oldDelete = fs.delete
fs.delete = function(file)
   if tableFind(protected, file) then
	 return error("Access Denied")
   else
	 oldDelete(file)
   end
end
Sewbacca #13
Posted 22 January 2017 - 07:51 PM
If you want a way to make files read-only, you just need to paste this script into a file

(snip)

The same thing and more does FSector.
Edited on 22 January 2017 - 06:52 PM
hbomb79 #14
Posted 22 January 2017 - 10:24 PM
The same thing and more does FSector.

The shameless self-promotion is strong in this one.
Anavrins #15
Posted 23 January 2017 - 03:32 AM
The shameful fact that both House's and FSector's solution are useless for what OPs is asking.
There isn't really any way to prevent this without modifying the rom in versions prior to 1.77, nor past it, as stated by BombBloke.
A somewhat working solution would be to use something that will encrypt your whole filesystem, something like EncryptFS, or my unreleased one.
With that, an attacker who gains access to your filesystem, whether it be from disk bypass, drive bypass, even from a server administrator, will be able to modify and delete your files, but will not be able to read it's true content.
Edited on 23 January 2017 - 02:40 AM
Sewbacca #16
Posted 26 January 2017 - 11:07 AM
The same thing and more does FSector.

The shameless self-promotion is strong in this one.
Yeah sorry, I forgot to mention, that it's productplacement. =P
Edited on 26 January 2017 - 10:09 AM
HaddockDev #17
Posted 02 February 2017 - 08:21 PM
You could do some encryption (not recommended though)
Maybe have the user input a password to decrypt the system files on startup, so if somebody puts in a disk they wouldn't be able to modify the files without knowing the users password.
To be honest, I find it really flawed, but its worth a try.

Another idea if your testing security is to publish it on GitHub and get a few people to break the security.
One more idea is to go do something like Google does when it finds out that Chrome OS has been tampered with. Still, flawed.

The only other piece of advice I can give is to think like an attacker:
Think of attack vector. Try attack vector. Fix if required.
Rinse and repeat.
Edited on 02 February 2017 - 07:22 PM
zephar26 #18
Posted 02 February 2017 - 09:25 PM
I know I'm a bit late to the party on this thread, but I've heard a particular statement that I think applies well here.

"Physical access is full access."

If you want your computers to be secure, don't put them in open spaces where just anyone can get to them.

If this is a case where you can't do that, then you can always use


os.pullEvent = os.pullEventRaw

Which will ignore all termination requests, but I'd be careful with using this.

For those even more curious, I know there is a way to also make your computer not boot to disk first, if you're concerned with someone using a floppy-break program on your computer as well. I also consider that to be a bit dangerous, development wise, and would recommend against using it.
Edited on 02 February 2017 - 08:29 PM
Anavrins #19
Posted 02 February 2017 - 09:57 PM
You could do some encryption (not recommended though)
Maybe have the user input a password to decrypt the system files on startup, so if somebody puts in a disk they wouldn't be able to modify the files without knowing the users password.
To be honest, I find it really flawed, but its worth a try.
In case you're referencing my post, just letting you know that both programs I stated does not decrypt on startup, but overrides fs.open to read an encrypted file and return an unencrypted handler.
Data never get's decrypted on disk, only in memory.
Of course your method is flawed, but not this one.
HaddockDev #20
Posted 02 February 2017 - 10:03 PM
You could do some encryption (not recommended though)
Maybe have the user input a password to decrypt the system files on startup, so if somebody puts in a disk they wouldn't be able to modify the files without knowing the users password.
To be honest, I find it really flawed, but its worth a try.
In case you're referencing my post, just letting you know that both programs I stated does not decrypt on startup, but overrides fs.open to read an encrypted file and return an unencrypted handler.
Data never get's decrypted on disk, only in memory.
Of course your method is flawed, but not this one.
No, wasn't referencing your post, and yes I know that method has more holes than account password management in Windows.

[offtopic]No offence, but your program reminds me of the OneHalf virus of the MS-DOS days.[/offtopic]
TechnicalCoding #21
Posted 02 February 2017 - 10:14 PM
The hard solution is to create your own IDE which would check if there is any errors with the LUA code that the user creates and print them out, this prevents that the user can "Crash" the OS, then also create a folder for every user that the user is limited to. for example 'users/Username/scripts' and inside this scripts folder the user can create folders and edit files, but are limited to go out of that folder.

I am currently working on an Advanced operating system and I would happily be doing a collab with you!

I am also very experienced in web languages and will create a appstore for my OS, also I will use online login forms and register forms so the user can connect to the forums and socket servers. And include graphical content such as a draw function to create boxes,

another of my current project is similar to cshtml or asp.net, basically create luahtml, so basically you will be able to use html, and create script tags where lua code will be executed. And a lot of custom events and clickable guis, etc.

Please add me on skype: technicalcoding
if you want to collaborate with me :)/>
HaddockDev #22
Posted 02 February 2017 - 10:27 PM
The hard solution is to create your own IDE which would check if there is any errors with the LUA code that the user creates and print them out, this prevents that the user can "Crash" the OS, then also create a folder for every user that the user is limited to. for example 'users/Username/scripts' and inside this scripts folder the user can create folders and edit files, but are limited to go out of that folder.

I am currently working on an Advanced operating system and I would happily be doing a collab with you!

I am also very experienced in web languages and will create a appstore for my OS, also I will use online login forms and register forms so the user can connect to the forums and socket servers. And include graphical content such as a draw function to create boxes,

another of my current project is similar to cshtml or asp.net, basically create luahtml, so basically you will be able to use html, and create script tags where lua code will be executed. And a lot of custom events and clickable guis, etc.

Please add me on skype: technicalcoding
if you want to collaborate with me :)/>

Just because your linting something doesn't mean its completely crash proof.
The least you could do is loadstring and xpcall it, but that means when it crashes, instead of getting sad it will do a function instead of erroring out.
Edited on 02 February 2017 - 09:31 PM