15 posts
Posted 16 September 2012 - 12:47 AM
Its a simple enough request: a "/apis" directory, not in rom, with the contents being loaded on startup like the current "/rom/apis" directory.
Pros:- Users with no knowledge whatsoever of lua can install a program that needs an api loaded at boot while still using their favorite password program. (they don't have to ask someone to edit in the os.loadAPI)
- This makes it possible to make minor or major changes to the os, before it finishes booting, like disabling disk booting.
- The reason I bring this up: single-install software sales. You could install an api that prevents the user from copying purchased software, and protect the api too. (much cleaner than my current solution: encrypting the program)
Cons:- Malicious or buggy apis could completely destroy a computer, with no hope of recovery.
Yeah I guess that's a pretty big downside… but its just a suggestion, take it where you want it :)/>/>
724 posts
Posted 16 September 2012 - 06:22 AM
Ability to write files to /rom in the disk drive to add/shadow files is quite better.
8543 posts
Posted 16 September 2012 - 09:43 PM
ComputerCraft is set up so that it is as difficult as possible to irrevocably brick a computer. Adding something that would disallow disk booting is unlikely to happen.
724 posts
Posted 17 September 2012 - 07:28 PM
brick means break?
Why unlikely?
Pick up comp, place it in Disk Drive, change what you want.
Computer without label unable to store anything.
871 posts
Posted 17 September 2012 - 07:31 PM
brick means permanently break, in a way that can't be repaired without editing the files on the server. The booting from floppies might make it easy to hack systems, but it also makes it just as easy to get into hacked systems to fix them. Any user code running before startup can bypass the boot from floppy chance. Heck, just a user api loaded before startup that says "os.reboot()" would make the computer completely unusable, assuming it was labeled.
Now, it could certainly make for an interesting server mod, as it would free people do really battle over security in new ways, but as a core feature of cc, it's just not going to happen.
11 posts
Posted 17 September 2012 - 07:35 PM
ComputerCraft is set up so that it is as difficult as possible to irrevocably brick a computer. Adding something that would disallow disk booting is unlikely to happen.
But easy to implement. I've changed the bios (2 lines of code) to make it configurable per computer.
15 posts
Posted 18 September 2012 - 12:04 AM
brick means break?
brick means make the computer just as useful as a brick. makes a good paperweight/building block, but nothing more :)/>/>
Pick up comp, place it in Disk Drive, change what you want.
Computer without label unable to store anything.
I like that idea :D/>/>
what if some form of certificate or something was required to load the api? like after 12-36 hours it needs user input to renew the certificate, otherwise it won't load on boot. (12-36 because the odd numbers make it harder on a malware installer to keep a user out) unfortunately, this means that an anti-diskboot api wouldn't be perfectly safe :/
and of course a safe-boot option iff the previous boot didn't finish loading apis for some reason.
a possibly better solution: a password protected bios menu similar to today's computers, with boot order and safe boot options, etc.
997 posts
Location
Wellington, New Zealand
Posted 18 September 2012 - 12:46 AM
brick means break?
brick means make the computer just as useful as a brick. makes a good paperweight/building block, but nothing more :)/>/>
Pick up comp, place it in Disk Drive, change what you want.
Computer without label unable to store anything.
I like that idea :D/>/>
what if some form of certificate or something was required to load the api? like after 12-36 hours it needs user input to renew the certificate, otherwise it won't load on boot. (12-36 because the odd numbers make it harder on a malware installer to keep a user out) unfortunately, this means that an anti-diskboot api wouldn't be perfectly safe :/
and of course a safe-boot option iff the previous boot didn't finish loading apis for some reason.
a possibly better solution: a password protected bios menu similar to today's computers, with boot order and safe boot options, etc.
Or you could pick up the comp, place it in a disk drive, and change what you want.
15 posts
Posted 18 September 2012 - 01:19 AM
Or you could pick up the comp, place it in a disk drive, and change what you want.
Is that in the current version? I play tekkit (so that's 1.3.3, right?) so I wouldn't know. It would be a perfect way to avoid bricking your computer though :)/>/>
997 posts
Location
Wellington, New Zealand
Posted 18 September 2012 - 01:21 AM
Or you could pick up the comp, place it in a disk drive, and change what you want.
Is that in the current version? I play tekkit (so that's 1.3.3, right?) so I wouldn't know. It would be a perfect way to avoid bricking your computer though :)/>/>
No it's not, but it's in the post you quoted.
15 posts
Posted 18 September 2012 - 01:27 AM
No it's not, but it's in the post you quoted.
Pick up comp, place it in Disk Drive, change what you want.
Computer without label unable to store anything.
I like that idea :)/>/>
Yeah I noticed :/
686 posts
Posted 18 September 2012 - 01:43 AM
Any program that relies on an API should load it automatically anyway, so your point about making it easier for users is moot.
724 posts
Posted 18 September 2012 - 07:19 PM
brick means permanently break, in a way that can't be repaired without editing the files on the server. The booting from floppies might make it easy to hack systems, but it also makes it just as easy to get into hacked systems to fix them. Any user code running before startup can bypass the boot from floppy chance. Heck, just a user api loaded before startup that says "os.reboot()" would make the computer completely unusable, assuming it was labeled.
Now, it could certainly make for an interesting server mod, as it would free people do really battle over security in new ways, but as a core feature of cc, it's just not going to happen.
You can always detach Computer. And detached unlabeled Computer will forget all user files hiding your secrets (like password). Booting from floppy make hacking easy. But fixing hacked systems is easy without it. Access to Computer's files through Disk Drive allows easy recovering any harm/mistake. That's why I want it in core CC.
brick means make the computer just as useful as a brick. makes a good paperweight/building block, but nothing more :)/>/>
Really? No!
Pick up comp, place it in Disk Drive, change what you want.
Computer without label unable to store anything.
I like that idea :)/>/>
Thanks!
what if some form of certificate or something was required to load the api? like after 12-36 hours it needs user input to renew the certificate, otherwise it won't load on boot. (12-36 because the odd numbers make it harder on a malware installer to keep a user out) unfortunately, this means that an anti-diskboot api wouldn't be perfectly safe :/
and of course a safe-boot option iff the previous boot didn't finish loading apis for some reason.
a possibly better solution: a password protected bios menu similar to today's computers, with boot order and safe boot options, etc.
No and no and no. Three bad ideas. :D/>/>
Or you could pick up the comp, place it in a disk drive, and change what you want.
Exactly!
Any program that relies on an API should load it automatically anyway, so your point about making it easier for users is moot.
Yes, but… "Before startup" is essential here.
871 posts
Posted 18 September 2012 - 07:43 PM
detach…? Do you mean unsetting the label, so it will reset to new id and blank disk when broken, or am I missing something? If you mean unsetting the label, you can't unless you can get to shell to execute the command, which you couldn't do if the bios was autorunning "os.reboot" (or anything that blocks ctrl-T and booting from disk). If you mean something else I'm missing, pls 'splain.
724 posts
Posted 19 September 2012 - 04:28 PM
Detach? I mean hit it and pick up as an item. Then "place it in a disk drive, and change what you want" if it labeled. If it was not labeled, you can pick it up but cannot read password which was on that door.