Virtualized environment for script commands - WoWInterface
Thread Tools Display Modes
07-28-16, 04:59 PM   #1
A Pyroguard Emberseer
SDPhantom's Avatar
AddOn Author - Click to view addons
Join Date: Jul 2006
Posts: 1,929
Virtualized environment for script commands

In light of the reported scams using malicious /run or /dump commands and Blizzard's shortsighted warning message, I've taken up the task of developing an addon that places user-generated code from these commands (and possibly other addons enabling user-generated code to be run) into a virtual environment.

I hinted on this earlier, using an experimental proxy system in an isolated shared environment.

To distinguish the two environments, the UI runs in the host environment while scripts run in the virtual environment. Proxies are empty tables in the virtual environment that use metatables to create read-only links to their equivalents in the host environment. Any writes attempted are caught by the proxy and stored in the virtual table instead of affecting the host. Using this method also allows the proxies to intercept indexing operations that return host-side tables and return replicated proxies of them instead. It's also possible to intercept and modify the behavior of functions referenced by their pointers or even deny access whether by refusing to serve the function or returning a no-op.

Included below is a sample implementation of this proxy system as a prototype. This modifies loadstring() to return its functions set to the virtual environment and rewrites RunScript() to use this. This change can be reverted by running setfenv(func,_G) on the returned function from loadstring() before running it (of course, this can't be done by the script being run).

If anyone has any ideas on which additonal functions I should block or modify, let me know. The ones covered are referenced in the Redirects table. As the table is indexed by function pointer, frame methods should cover all frames.

Edit1: Fixed orphaned reference to ProxyLookup in the new loadstring().
Edit2: Fixed potential security vulnerability with unhandled Frame:GetParent().

This addon is designed to prevent granting foreign access to your game client. This is not meant to prevent people from wiping out their own inventory or similar effects. While this addon does support the capability of blocking those functions, it's not meant to be a babysitter. Use caution running scripts from unknown people.
ESOUI AddOns | WoWInterface AddOns
"All I want is a pretty girl, a decent meal, and the right to shoot lightning at fools."
-Anders (Dragon Age: Origins - Awakening)

Last edited by SDPhantom : 08-10-20 at 07:33 PM.
  Reply With Quote

WoWInterface » Developer Discussions » General Authoring Discussion » Virtualized environment for script commands

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off