| Time |
Nick |
Message |
| 02:31 |
|
pauloue joined #minetest-dev |
| 03:14 |
|
AndroBuilder_ joined #minetest-dev |
| 03:46 |
|
pgimeno joined #minetest-dev |
| 04:03 |
|
paramat joined #minetest-dev |
| 05:06 |
|
indiana joined #minetest-dev |
| 06:46 |
|
ssieb joined #minetest-dev |
| 10:00 |
|
YuGiOhJCJ joined #minetest-dev |
| 10:21 |
|
Gael-de-Sailly joined #minetest-dev |
| 11:12 |
|
ButcherTibi joined #minetest-dev |
| 11:25 |
|
Lunatrius` joined #minetest-dev |
| 11:33 |
|
Lunatrius joined #minetest-dev |
| 11:49 |
|
Lunatrius` joined #minetest-dev |
| 11:52 |
|
Fixer joined #minetest-dev |
| 12:02 |
|
Lunatrius` joined #minetest-dev |
| 13:27 |
|
AndroBuilder joined #minetest-dev |
| 13:42 |
nerzhul |
is this me or the MT community on github in core is more and more toxic than before ? |
| 13:48 |
Shara |
Examples? |
| 13:50 |
celeron55 |
i don't think so |
| 13:52 |
nerzhul |
Shara, just look the topic about my proposal to set a typedef on positions... |
| 13:52 |
Shara |
Can you give a link? |
| 13:54 |
celeron55 |
it's quite difficult to find anything but reasonable discussion when picking random issues |
| 13:56 |
Shara |
The only thing I see where peopel keep getting heated is CSM, and I feel that's justified (even if people do overreact in how they approach it) |
| 13:57 |
celeron55 |
some specific issues, yes |
| 13:58 |
red-001 |
yeah that typedef discussion went a bit far |
| 13:58 |
red-001 |
and now kilbith has joined in on it |
| 13:59 |
Shara |
red-001: can you give a link? I can't easily go digging from here |
| 14:00 |
red-001 |
#7037 |
| 14:00 |
ShadowBot |
https://github.com/minetest/minetest/issues/7037 -- Replace v3s16 and v3f with typedefs |
| 14:00 |
Shara |
Thanks |
| 14:02 |
sfan5 |
i'm not sure why such a simple cleanup needs this amount of "discussion" |
| 14:02 |
celeron55 |
looks like you're just talking with paramat |
| 14:02 |
Shara |
well, it turned into a CSM discussion again... so no surprise |
| 14:02 |
celeron55 |
doesn't seem like a reason to paint "MT community on github" toxic |
| 14:03 |
Shara |
Figuring out the CSM issue would cool a lot of tempers |
| 14:03 |
celeron55 |
kilbith going at it is very poignant and exactly what he'll do, though 8) |
| 14:06 |
celeron55 |
so really i take this as nerzhul wanting others than paramat to take part in the discussion |
| 14:08 |
rubenwardy |
the change requested is kinda meh |
| 14:10 |
celeron55 |
if MT was still my personal project, i wouldn't do that (that's why it isn't so in the first place); being done by someone else, i don't care one way or another really |
| 14:10 |
Shara |
Also would be nice if anyone would look at more sensible ways to save large maps before using larger maps as justification for something. |
| 14:11 |
Shara |
Also excluding everyone but engine devs when asking for opinions isn't too nice. |
| 14:11 |
rubenwardy |
if the aim of this is to make larger maps, then it should probably be poised as that and actually have a plan for it |
| 14:12 |
Shara |
It's noted a couple of times in comments, so seemed worth mentioning |
| 14:14 |
celeron55 |
i do believe larger coordinates are likely a huge can of worms |
| 14:15 |
rubenwardy |
it's more complicated than just increasing from float to double |
| 14:15 |
celeron55 |
but if someone enjoys cans of worms... well, i don't want to block the pleasure |
| 14:16 |
celeron55 |
seems likely to require a massive controversial PR in the future though, increasing system requirements for small worlds |
| 14:16 |
Shara |
Can we please sort out current messes/controversies before triggering the next wave of them? :P |
| 14:19 |
red-001 |
larger worlds are kinda meh |
| 14:20 |
|
antims joined #minetest-dev |
| 14:20 |
rubenwardy |
it would be nice if server owners could choose between cube or large worlds |
| 14:21 |
Shara |
I'd love a massive world... if there was a more efficient way to save the map |
| 14:22 |
rubenwardy |
ie: choose to have the same hash space represent 164k * 1k * 164k |
| 14:22 |
Shara |
But you can run a server for years and not run out of space right now... |
| 14:22 |
rubenwardy |
for scale map builds it doesn't work |
| 14:22 |
rubenwardy |
which hasn't happened yet in MT |
| 14:22 |
rubenwardy |
but has in MC |
| 14:22 |
rubenwardy |
also, massive de ja vu |
| 14:23 |
rubenwardy |
this conversation happens at least once a year |
| 14:23 |
Shara |
Unsurprising. |
| 14:27 |
red-001 |
yeah changing the map shape would help |
| 14:29 |
red-001 |
the issue isn't really about the total space in the world but useable space |
| 14:31 |
celeron55 |
we should have better tools at limiting world size even with the current coordinate space |
| 14:32 |
Shara |
paramat has been working on that. |
| 14:32 |
celeron55 |
like a per-player setting for how far they can generate new map |
| 14:32 |
nerzhul |
this discussion is just a coding cleanup, and yes it permits to think about icnreasing map worlds more easily (not easy but more possible than before). The discussion went too far away and is not constructive |
| 14:32 |
Shara |
Not sure if per player is needed |
| 14:32 |
nerzhul |
i just ask if i can work on this in my little amount of available time, and the discussion turns for paramat to : "fuck you work on CSM", and being not constructive about the question, which is just simple :p |
| 14:32 |
Shara |
Seperate x/y/z limits alone would already be really nice |
| 14:33 |
Shara |
nerzhul: I think that's overreacting, sorry. |
| 14:33 |
nerzhul |
it's why i said it's toxic. Each time i talk on GH these days paramat said "Fuc kyou work on CSM i don't want your feature" |
| 14:33 |
nerzhul |
Shara, me ? |
| 14:33 |
Shara |
He's concerned about CSM and hasn't said that at all. |
| 14:34 |
Shara |
Is it right to raise it in another topic? Probably not needed no, but he didn't say that |
| 14:34 |
nerzhul |
no he didn't said "fuck you", but the repeating actions in many issues i talk about saying that tend to make me fell like this |
| 14:34 |
nerzhul |
and this doesn't help me to want to give more time to develop the feature, because it's unpleasant :) |
| 14:35 |
Shara |
Developing it is probably the quickest way to make it stop being unpleasant |
| 14:36 |
Shara |
Or at least giving some solid committment/expectations about it being developed |
| 14:36 |
nerzhul |
Shara, and open the door to let paramat continue that think each time he wants something |
| 14:36 |
nerzhul |
think/thing* |
| 14:36 |
Shara |
You realise it's not just paramt who si unhappy with current CSM? |
| 14:36 |
Shara |
is* |
| 14:36 |
nerzhul |
and it's not a little feature, it's a complicated feature. Sending mods is not sending media |
| 14:36 |
nerzhul |
i realize than everybody complains and nobody talks about HOW to solve it, they just said: DO IT or REMOVE IT |
| 14:37 |
Shara |
Well yes, everyone saying that didn't make it, so you can't expect them to fix it for you |
| 14:37 |
nerzhul |
i don't want them to fix it for us, i want them to help on the concept |
| 14:37 |
nerzhul |
did you see only one comment saying how we can solve it in MT, in terms of algorithm ? |
| 14:38 |
Shara |
All I can tell you is this: as CSM exists right now, I don't want it. i'd like it removed or proper server controlled CSM. |
| 14:38 |
red-001 |
It would at least help if anyone could agree on how it's suppose to be sandboxed |
| 14:38 |
Shara |
But I can't tell you how to implement proper server controlled CSM |
| 14:38 |
nerzhul |
Shara, the problem is not the control, it's already solved. The problem is mod sending currently |
| 14:39 |
Shara |
Surely this should all have been agreed on BEFORE it was worked on or a PR even opened... |
| 14:39 |
nerzhul |
Shara the CSM PR was huge and accepted by many people. I never see reacting people on it before the merge, strangely |
| 14:39 |
Shara |
I did |
| 14:39 |
nerzhul |
and we solved many of your issues |
| 14:39 |
nerzhul |
not all, but many |
| 14:40 |
Shara |
But you also need to understand: most of those affected strongest use stable version |
| 14:40 |
Shara |
They only see how big this is after merge (not an excuse, but it is true) |
| 14:41 |
Shara |
CSM is almost completely about servers (in single player you may as well use a normal mod). |
| 14:41 |
nerzhul |
yes, it was late, the only error is to not rlease 0.4.17 ASAP, but i don't maintain the 0.4.17 branch |
| 14:41 |
Shara |
Yet almost all server owners I heard from hate this |
| 14:41 |
shivajiva |
nrz the server owners demanded certain levels of control, it was never suggested it could be blocked only that we had to accept some form of it |
| 14:42 |
nerzhul |
shivajiva, maybe because nobody tested CSM during many months after merge and before release, and players are more intelligent than server owners think ? :p |
| 14:42 |
shivajiva |
ROFLMAO |
| 14:42 |
nerzhul |
i don't have a response on the earth but the only way to stop that is to release 0.4.17 ASAP with flavour backport |
| 14:42 |
nerzhul |
i don't know why nobody decided this yet |
| 14:42 |
Shara |
flavours are not a real solution |
| 14:42 |
shivajiva |
good call, lets say the server owners are dumb |
| 14:42 |
nerzhul |
sfan5 how is the 0.4 backport branch currently ? |
| 14:43 |
Shara |
all flavours do is nudge the barrier a tiny bit back in the right direction |
| 14:43 |
nerzhul |
shivajiva, server owners should test versions in release candidate if they want to help us find the most anoying bugs |
| 14:43 |
sfan5 |
nerzhul: I updated it last week |
| 14:43 |
nerzhul |
sfan5 do you think we can release it a day ? |
| 14:43 |
sfan5 |
we can, but that's not the solution |
| 14:43 |
Shara |
nerzhul: remember that server owners are primarily busy running servers |
| 14:43 |
shivajiva |
and dev would maintain relationships that are conducive to that event with server owners |
| 14:43 |
sfan5 |
the problem was releasing 0.4.16 without considering the feedback from server owners |
| 14:44 |
Shara |
^ |
| 14:44 |
sfan5 |
if you release .17 but with flavors that doesn't really fix anything, because of backwards compatibility |
| 14:44 |
nerzhul |
sfan5 it's the problem, but we cannot get back to 0.4.16 release, then what is the solution ? |
| 14:44 |
Shara |
If there is a large change that will mainly affect server owners (or any specific other group within MT), actively seek feedback from that group |
| 14:44 |
shivajiva |
time machine? |
| 14:44 |
sfan5 |
nerzhul: no idea |
| 14:45 |
Shara |
Assuming people will test just because you think they should never works |
| 14:45 |
nerzhul |
sfan5 the solution is to block 0.4.16 in 0.4.17 servers and it should be possible currentl |
| 14:45 |
Shara |
The solution is server controlled CSM, form what I understand |
| 14:45 |
sfan5 |
that would work, yes |
| 14:45 |
nerzhul |
using strict protocol checking that should be sufficient |
| 14:46 |
Shara |
If I use backport and block 0.4.16, I lose most of my players tomorrow |
| 14:46 |
sfan5 |
that only works if 0.4.17 is actually released |
| 14:46 |
nerzhul |
Shara at a point you should do a consensus |
| 14:46 |
nerzhul |
we are not gods |
| 14:46 |
nerzhul |
do you want to block 0.4.16 anoying players or continue to get it ? |
| 14:46 |
Shara |
nerzhul: I don't midn waiting for areal solution. |
| 14:46 |
Shara |
mind* |
| 14:47 |
Shara |
But the point is - there is no sign of one |
| 14:47 |
Shara |
This is why people ask for server side CSM, or remove it |
| 14:47 |
nerzhul |
there is no real solution , there is just some less annoying solutions |
| 14:47 |
Shara |
You can always re-add it when serverside is possible |
| 14:47 |
Shara |
server controlled* |
| 14:47 |
nerzhul |
removing it is not a solution because the code has been produced and could be easily ported to any MT rogue version |
| 14:48 |
Shara |
Is that a good reason for it to be in the official release? |
| 14:48 |
nerzhul |
rogue clients which wants to anoy server can just use those clients |
| 14:48 |
sfan5 |
Shara: the "solution" currently on the horizon is waiting for 0.5 to be released and then switching to it |
| 14:48 |
nerzhul |
sfan5 yes, and switching to it is like having strict protocol checking, then having 0.4.17 with it |
| 14:48 |
Shara |
sfan5: flabours are not really a solution |
| 14:48 |
|
AndroBuilder joined #minetest-dev |
| 14:48 |
Shara |
flavours* |
| 14:48 |
sfan5 |
no? |
| 14:48 |
Shara |
No |
| 14:48 |
red-001 |
no? |
| 14:48 |
nerzhul |
noooooooo ! |
| 14:49 |
Shara |
Nooooo! |
| 14:49 |
Shara |
:) |
| 14:49 |
nerzhul |
https://www.youtube.com/watch?v=FSWiMoO8zNE |
| 14:49 |
red-001 |
!title |
| 14:49 |
ShadowBot |
red-001: Error: That URL appears to have no HTML title within the first 4KB. |
| 14:49 |
sfan5 |
flavours were implemented with feedback from server owners, why isn't it a solution? |
| 14:49 |
red-001 |
^ |
| 14:49 |
Shara |
If it's agreed server contorlled CSM is what should happen, why leave it in in it's current form? |
| 14:49 |
Shara |
its* |
| 14:50 |
red-001 |
http://www.nooooooooooooooo.com/ |
| 14:50 |
nerzhul |
by "the current form" you mean 0.4.16 or master ? |
| 14:50 |
shivajiva |
in reality dev released a version into the wild that will haunt server owners for a while yet and hasn't resolved wtf CSM is either...disturbing at the very least imo |
| 14:51 |
Shara |
sfan5: It's about how easy the barrier is to get around. It sounded like bypassing flavour controlls would be trivial compared to there being no CSM in the client to work with to begin |
| 14:51 |
Shara |
And quite honestly, the bigger the barrier, the better |
| 14:51 |
sfan5 |
removing csm again does not help, so comparing with that makes no sense |
| 14:52 |
sfan5 |
what makes you think that bypassing flavours would be trivial though? |
| 14:52 |
red-001 |
well I guess we better rewrite minetest in assemble then |
| 14:52 |
Shara |
It's the impression I got anyway. |
| 14:52 |
red-001 |
assembly* |
| 14:53 |
Shara |
Either way, since the devs cannot agree on what CSM should even be, there's no good reason to keep it at all outside stubborness. |
| 14:53 |
nerzhul |
Shara in fact rogue client can do anything and as i said the code has been produced |
| 14:53 |
Shara |
So back to server controlled or remove. |
| 14:53 |
nerzhul |
Shara i don't like mapgen v5 but why don't we remove it, there is no reason to keep unmaintained mapgen |
| 14:54 |
Shara |
nerzhul: did mapgen v5 hurt anyone? |
| 14:54 |
nerzhul |
me |
| 14:54 |
Shara |
Awww :( |
| 14:54 |
nerzhul |
i don't like the generated map |
| 14:54 |
nerzhul |
but i don't complain :p |
| 14:54 |
nerzhul |
if we want to be productive we should find how to serialize CSM mods from server |
| 14:54 |
nerzhul |
and find how it's presented to server to push them |
| 14:55 |
Shara |
Okay then, CSM is justified because nerzhul was wounded by the aesthetics of mapgen v5. I give up. |
| 14:55 |
nerzhul |
i don't find a good design for this |
| 14:55 |
nerzhul |
Shara, don't forget i like celeron55 too and french fries, that could help |
| 14:55 |
shivajiva |
v5 created worlds and has value for those worlds but what value have we seen from csm so far? |
| 14:56 |
Shara |
I'd post you some french fries (though I doubt I can post you celeron55), if you would work on fixing this mess :) |
| 14:56 |
nerzhul |
we found very huge security issues in some mods |
| 14:56 |
nerzhul |
(server side) |
| 14:56 |
nerzhul |
we sold the antispam server side configuration |
| 14:56 |
nerzhul |
we found who are the anoying players |
| 14:56 |
shivajiva |
issues that were apparent to some and utilised before CSM |
| 14:57 |
Shara |
ability to edit client to do what you like wasn't news to server owners |
| 14:57 |
nerzhul |
shivajiva yeah it's exact, and some thought it was CSM, but not, it just permits to easily prototype to find those holes |
| 14:57 |
red-001 |
and no-one bothered to fix them |
| 14:57 |
nerzhul |
red-001 exact :( |
| 14:58 |
shivajiva |
if me screaming quietly at you about issues isn't enough then what is? |
| 14:59 |
shivajiva |
point is I came repeatedly stating there were flaws that needed looking at |
| 14:59 |
Shara |
It seems attention is only given if enough noise is made. I even passed a copy of the minehacker client to several devs when it was first released in the hope that some of the issues could be addressed |
| 14:59 |
red-001 |
Shara, ok so if modded clients aren't anything new why is modded clients having a lua sandbox a new issue? |
| 14:59 |
Shara |
red-001: you miss the point |
| 15:00 |
Shara |
Server owners want to control their own servers. They don't want that control taken away from them, interfering with what they create |
| 15:00 |
sfan5 |
this is quickly turning into "devs aren't doing enough for server owners" without any relation to CSM |
| 15:00 |
sfan5 |
which specific issues are those anyway? |
| 15:00 |
|
YuGiOhJCJ joined #minetest-dev |
| 15:00 |
Shara |
sfan5: sadly CSM is mostly about server owners and why they get angry at development, when it all comes down to it. |
| 15:01 |
|
Beton joined #minetest-dev |
| 15:02 |
red-001 |
so clients being able to basically teleport, fly, noclip, see through nodes and ignore interact range if you have anticheat off and being able to do a bit less with it on is not a big deal simply because that always happens, but if that client then dares to use lua then we need to freak out? |
| 15:02 |
Shara |
red-001: what are you even talking about? |
| 15:02 |
shivajiva |
if I could find and fix them I would have, WE gui was a big one as it opened the whole server up to abuse, I came with symptoms, varied but all pointing back to the ability to access and modify the server and it's files... |
| 15:03 |
Shara |
We've all pushed for better anti-cheat and player movement control. |
| 15:03 |
red-001 |
Shara, if you need to mod the client to bypass the new limitations then how is it any different from existing issues |
| 15:03 |
Shara |
Entry level to do |
| 15:04 |
red-001 |
does it really? |
| 15:04 |
red-001 |
they need to mod the c++ code either way |
| 15:04 |
sfan5 |
shivajiva: so you're saying the WE issue was not fixed despite your efforts and nobody wanted to help? |
| 15:04 |
Shara |
Yes, but the m=amont they need to change does matter |
| 15:04 |
sfan5 |
if not, what's the point of bringing that up? |
| 15:05 |
red-001 |
does it? fly, noclip and fast is just one line of code, maybe we should start writing more messy code so no-one understands it? |
| 15:05 |
Shara |
Changing a linie is trivial, but once you need to actualyl write your own code the barrier is quite a bit higher, and that's what CSM has in some cases lost us. Also as I have said, it is not just about cheating. It was the implication server owners have no right to decide behaviour on their own servers. |
| 15:06 |
Shara |
No one has said being able to give yourself fly/noclip so easily is okay... so why keep bringing that up? |
| 15:07 |
red-001 |
because I hear no-one calling for fly and noclip to be removed |
| 15:07 |
red-001 |
and removing it would make it a lot harder to abuse |
| 15:07 |
Shara |
Uhh why would we ask for them to be removed? |
| 15:08 |
sfan5 |
that's the point |
| 15:08 |
sfan5 |
you are asking for (client-provided) CSM to be removed |
| 15:08 |
Shara |
You cannot compare basic privs to CSM |
| 15:08 |
sfan5 |
what's the worst you can do with CSM in it's current state? |
| 15:08 |
sfan5 |
(current = 0.4.16) |
| 15:09 |
Shara |
sfan5: well, for starters cause all of thes eagruments people have had :) |
| 15:09 |
Shara |
these arguments* |
| 15:09 |
shivajiva |
I'm saying that despite everyone being helpful and listening the issue wasn't found. I'm saying if I could have found it at the time I would have fixed it in response to red saying [14:57:24] <red-001> and no-one bothered to fix them |
| 15:10 |
Shara |
You realise what we still need - actual confirmation server controlled CSM will be a thing, just keeps getting skipped over |
| 15:10 |
red-001 |
<red-001> It would at least help if anyone could agree on how it's suppose to be sandboxed |
| 15:10 |
sfan5 |
there's an issue open for it, it's on the roadmap, do you want a written statement signed by coredevs? |
| 15:10 |
Shara |
And there has been more than one dev saying it should be removed if that is not done |
| 15:11 |
Shara |
sfan5: a thing being ont he roadmap is meaningless |
| 15:11 |
Shara |
Unless you decide how to do it and someone actually works on it, it's not happening |
| 15:11 |
sfan5 |
then tell me what kind of "confirmation" you want? |
| 15:12 |
Shara |
To see activity, instead of paramat and nerzhul hurting each other's feelings? |
| 15:13 |
nerzhul |
Shara, maybe i just need to open a "concept issue" on CSM mod sending, permitting to trying to find a design before coding it |
| 15:13 |
Shara |
nerzhul: please do. |
| 15:13 |
nerzhul |
this is the only time i got ti help us to find the feature design |
| 15:13 |
red-001 |
we already have one |
| 15:13 |
nerzhul |
red-001: which ? |
| 15:13 |
Shara |
I have no wish to argue with or fight you (or anyone). I just want to see this addressed |
| 15:13 |
nerzhul |
Shara i want to too, this problem make me tired (except i don't sleep too much these days) |
| 15:14 |
sfan5 |
Shara: why is this so time-sensitive? |
| 15:14 |
sfan5 |
even if csm sending is added to 0.5 tomorrow, 0.5 will not be released tomorrow |
| 15:14 |
sfan5 |
so it won't even matter to you |
| 15:14 |
Shara |
Can relate... I would offer assistance with this if I understood the code surrounding it well enough |
| 15:15 |
sfan5 |
I can understand the fear that 0.5 won't include it at all (to some degree), but demands that it should be worked on RIGHT NOW don't help anyone |
| 15:15 |
red-001 |
#5393 #5958 |
| 15:15 |
ShadowBot |
https://github.com/minetest/minetest/issues/5393 -- Server-provided client-side scripting |
| 15:15 |
ShadowBot |
https://github.com/minetest/minetest/issues/5958 -- Proper CSM security module |
| 15:15 |
Shara |
Where did I demand anything? |
| 15:16 |
sfan5 |
not literally |
| 15:16 |
Shara |
Don't state it then. |
| 15:16 |
sfan5 |
let me finish ffs |
| 15:16 |
sfan5 |
but "there's no confirmation of server controlled CSM happening as long as I don't see any activity" comes pretty close |
| 15:16 |
Shara |
Nope. That's pretty factual. |
| 15:17 |
Shara |
Things on the roadmap can sit there for crazy lengths of time. |
| 15:17 |
sfan5 |
I wasn't saying it's incorrect |
| 15:17 |
Shara |
Also please note (and ignore the terrible typing) |
| 15:17 |
Shara |
(2:46:57 PM) Shara: nerzhul: I don't midn waiting for areal solution. |
| 15:18 |
shivajiva |
I don't think anyone is demanding anything, just questioning the whys and wherefores |
| 15:18 |
sfan5 |
but it's farily annoying because server owners keep complaining about CSM because (I assume) there has been no activity yet |
| 15:18 |
Shara |
Yes, it's annoying to server owners and devs alike, so it would be nice to be able to have a discussion without getting accused of things I didn't say. |
| 15:19 |
Shara |
It's for the purpose of trying to make it stop being such an issue |
| 15:19 |
sfan5 |
then why do server owners keep bringing it up despite indication that addition of such a feature is planned for 0.5? |
| 15:20 |
Shara |
History. Unless it's being discussed/decided on and there are some signs of something happening, no one is going to have much faith. |
| 15:20 |
sfan5 |
... |
| 15:21 |
sfan5 |
i honestly don't understand this |
| 15:21 |
sfan5 |
if you don't TRUST coredevs to do what they say, what is the whole point |
| 15:21 |
Shara |
It's not about not trusting. |
| 15:21 |
Shara |
Though I dare say some of the server owners don't trust any of us. |
| 15:21 |
sfan5 |
"we will add server-sent csm in 0.5" "i don't believe you" |
| 15:22 |
sfan5 |
how is this not trust? |
| 15:22 |
Shara |
Is it being added though? |
| 15:22 |
sfan5 |
i'm not going to restate myself |
| 15:22 |
Shara |
I've heard otherwise. |
| 15:22 |
sfan5 |
from who? |
| 15:22 |
Shara |
I don't have time to dig through PRs, but it not being added yet was justified by need for thorough testing. |
| 15:22 |
Shara |
issues* |
| 15:23 |
Shara |
I guess it was in an issue... but I know there was something on github anyway |
| 15:24 |
sfan5 |
there's no PR for server-sent CSM, so there is nothing that could be tested; are we talking about the same thing? |
| 15:24 |
sfan5 |
my point regarding trust: you can't have a discussion if both parties don't trust eachother |
| 15:24 |
Shara |
It's been said somewhere that server controlled CSM would be unlikely to be in 0.5 because even once it's done (and it's not even been decided how to do it yet), it would need a lot of testing. |
| 15:25 |
Shara |
When it 0.5 being released? |
| 15:25 |
sfan5 |
undecided |
| 15:25 |
Shara |
Because unless that's been pushed back quite a long way, it seems very unlikely it can have this. |
| 15:26 |
shivajiva |
all this has come from a variation of CSM that doesn't fit with the requirements stated by c55 ergo the issue people have with it's current incarnation imo |
| 15:26 |
sfan5 |
the point of 0.5 is to fix the problems with CSM from 0.4.16 by having a compatibility break |
| 15:26 |
sfan5 |
so not including it wouldn't make any sense |
| 15:27 |
Shara |
sfan5: if you can state that's absolute, I will trust. Most of the issue here is one about communication in the end and many people not really seeming to have a clue what's happening or what's planned. |
| 15:29 |
sfan5 |
i can't give you a "promise" because i'm just one of several coredevs, but it should be evident from the open issues that server-sent CSM (for 0.5) is something the whole team can agree on |
| 15:30 |
sfan5 |
I think "Most of the issue here is one about communication" sums it up quite well, this topic keeps getting brought up because seemingly nobody actually knows what is going on with CSM |
| 15:30 |
shivajiva |
^ |
| 15:31 |
red-001 |
daily reminder #6982 exists |
| 15:31 |
ShadowBot |
https://github.com/minetest/minetest/issues/6982 -- Make settings files per-world. by red-001 |
| 15:33 |
sfan5 |
another thing: unless it turns out that long-term nobody is able to work on server-sent CSM, CSM will not be removed |
| 15:34 |
sfan5 |
so saying "either server-controlled CSM or remove it" right now is pointless |
| 15:35 |
sfan5 |
third thing: I don't know the reason why paramat has this "no you can't have this, go work on CSM" attitude towards nerzhul (which totally sucks) |
| 15:35 |
sfan5 |
but I do have the impression that server owners are being "pushy" about this feature |
| 15:35 |
Shara |
Not pointless, since if the goal is definitely 0.5, then it becomes relevant should 0.5 be considered for release before it's possible to include |
| 15:36 |
Shara |
And yes, I see no use in dropping CSM comments in ever other topic |
| 15:36 |
Shara |
It's worth discussion, but in its own place. |
| 15:36 |
sfan5 |
0.5 will not be considered for release before server-sent CSM is finished, thus it's pointless |
| 15:36 |
Shara |
And I'd agree with you regarding some of the comments. |
| 15:37 |
nerzhul |
sfan5 i agree we must have it for release |
| 15:37 |
Shara |
That last bit is really what peopel need to hear. |
| 15:37 |
red-001 |
input is needed on #5958 before work on server-sent CSM can even be started |
| 15:37 |
ShadowBot |
https://github.com/minetest/minetest/issues/5958 -- Proper CSM security module |
| 15:37 |
Shara |
Every time this whole thing comes up, scream that if needed. It's what people have to know to realise this will be okay |
| 15:37 |
nerzhul |
5393 is huge, we need a design now :) |
| 15:38 |
sfan5 |
red-001: isn't that issue just "someone should go over all the sandbox code and check whether it's adequate"? |
| 15:40 |
red-001 |
sfan5, if it was only that this would have been solved long ago, it seems that CSM sandboxing as become a bit of a goal post moving situation |
| 15:40 |
sfan5 |
it seems that it isn't even clear to what extent CSM should be sandboxed |
| 15:40 |
red-001 |
^ |
| 15:42 |
sfan5 |
well to get this issue solved, you (as someone who worked on CSM) could make a proposal how far the sandbox should "go" |
| 15:42 |
shivajiva |
just to state the obvious , server owners could be perceived as 'pushy' on CSM due to having something released that caused them issues |
| 15:47 |
red-001 |
sfan5, good point |
| 16:00 |
pgimeno |
To me, server-sent CSM should not even be considered. Allowing the client to execute code sent by the server, is making the client vulnerable to anything a rogue server may want to do. No matter the amount of sandboxing, there are going to be security issues, and they are going to be damaging before they are discovered. The latest Spectre attack vector disclosure proved this. I don't think any sandboxing can prevent a rogue |
| 16:00 |
pgimeno |
server from reading the client's memory (and thus stealing passwords). To me, the client should have full control over what code it runs, and therefore the best implementation I can think of is to make servers just "require" certain CSMs in order to enter, possibly giving installation links. |
| 16:01 |
pgimeno |
FYI, Spectre runs in JavaScript too, no matter the browser. |
| 16:05 |
celeron55 |
it hasn't seemed to me that there is an agreement that server-sent CSM is an option at all |
| 16:05 |
celeron55 |
even within core devs |
| 16:05 |
celeron55 |
maybe this has changed? |
| 16:06 |
shivajiva |
client validation of the csm pulled from a dev owned resource is likely to meet the requirements for scrutiny of the code I believe |
| 16:07 |
celeron55 |
anyway, nerzhul is probably on the right track by creating an issue to track this |
| 16:08 |
red-001 |
#7041 |
| 16:08 |
ShadowBot |
https://github.com/minetest/minetest/issues/7041 -- CSM sandboxing |
| 16:10 |
pgimeno |
red-001: JavaScript is sandboxed, and that doesn't prevent Spectre, and none of the points in that list will. |
| 16:12 |
pgimeno |
The possible exception is disabling JIT compiling. Since Spectre is a timing attack, making the code slower can dilute the importance of a cache hit/miss. |
| 16:12 |
red-001 |
pgimeno, surely it requires the javascript to be JIT compiled? |
| 16:12 |
celeron55 |
i'm open to removing CSM completely, but also open to letting those interested try to figure this out |
| 16:13 |
pgimeno |
I'm not against CSM. I'm against making the players lose control about what it runs on their machines. |
| 16:14 |
pgimeno |
red-001: JIT compiling of JS helps making it more vulnerable, as noted above, but it's not the only reason it's vulnerable. |
| 16:15 |
celeron55 |
CSM might need two modes of operation, a development mode where it will use anything from the server to make development easy, and then a mode that will only run code trusted by either the user or some kind of remote database |
| 16:15 |
nerzhul |
red-001, celeron55 i propose to create an issue about CSM mod sending, i will add a rule , if it's not construtice comment is removed |
| 16:17 |
celeron55 |
if you add rules, then also add a link to some place where freeform discussion is allowed |
| 16:17 |
celeron55 |
that should be fair |
| 16:22 |
red-001 |
I wouldn't mind some database of trusted code but someone would need to maintain that, so it doesn't end up like mod db |
| 16:22 |
nerzhul |
nice :) |
| 16:25 |
celeron55 |
maybe it could be made by utilizing some existing platform |
| 16:25 |
Shara |
Just to note: I make no claims I know server controlled CSM is the answer... just that it would address the current issue (whether it introduces another one...) |
| 16:26 |
celeron55 |
it's a can of worms, but a really interesting one that i've wanted from the beginning of 0.4 |
| 16:26 |
celeron55 |
good thing our license says there's no warranty, lol |
| 16:27 |
|
Gael-de-Sailly joined #minetest-dev |
| 16:37 |
|
Jordach joined #minetest-dev |
| 17:09 |
|
Jordach joined #minetest-dev |
| 17:11 |
|
Jordach_ joined #minetest-dev |
| 17:30 |
|
Krock joined #minetest-dev |
| 17:37 |
|
Darcidride joined #minetest-dev |
| 17:54 |
|
ButcherTibi joined #minetest-dev |
| 17:59 |
|
Beton_ joined #minetest-dev |
| 18:45 |
|
RobbieF joined #minetest-dev |
| 18:45 |
|
RobbieF left #minetest-dev |
| 19:24 |
Hijiri |
sort of an orthogonal question, but what are people's opinions on just having server mods send a source string to the client to execute, rather than trying to mirror some directory of client mods? |
| 19:24 |
Hijiri |
I don't think I am the first to suggest this but I can't find where I saw it |
| 19:25 |
celeron55 |
that's what i'd do as a first version |
| 19:25 |
Hijiri |
If you make mods use a CSM thing created at init time you could keep track of which mod sent which code too, and isolate code from different mods |
| 19:25 |
celeron55 |
not sure what the plan is by the devs that decided to start making it |
| 19:25 |
Hijiri |
is someone actively working on an implementation right now? |
| 19:26 |
celeron55 |
s/it/CSM/ |
| 19:28 |
Hijiri |
oh |
| 19:28 |
Hijiri |
I thought you meant server-sent CSM specifically |
| 19:28 |
sofar |
I'd imagine that there's a server-side `minetest.register_csm(name, blob)` type of command |
| 19:29 |
sfan5 |
why would you want that? |
| 19:29 |
sofar |
having random code sent that isn't registered seems like a mistake? |
| 19:30 |
sofar |
I suppose we could just do it as we do media stuff |
| 19:31 |
Hijiri |
I could see it being a problem if client side mods can expose functions to each other, that if you didn't have registration they might be sent in an order that doesn't work with their dependencies |
| 19:31 |
Hijiri |
In practice I think on_joinplayer callbacks will be executed in order of registration anyway, but the docs say that order isn't guaranteeed |
| 19:32 |
Hijiri |
actually I don't know if the docs say it's not guaranteed, but it doesn't guarantee anything at least |
| 19:33 |
|
ButcherTibi joined #minetest-dev |
| 19:33 |
Hijiri |
with either system you could implement the other system as a mod though if you really wanted to |
| 20:13 |
Krock |
merging #7039 and #7042 in ~5 minutes |
| 20:14 |
ShadowBot |
https://github.com/minetest/minetest/issues/7039 -- Add `on_auth_fail` callback by red-001 |
| 20:14 |
ShadowBot |
https://github.com/minetest/minetest/issues/7042 -- Fix spelling by numberZero |
| 20:15 |
|
ButcherTibi joined #minetest-dev |
| 20:30 |
nerzhul |
nice Krock |
| 21:27 |
|
pauloue joined #minetest-dev |
| 22:04 |
|
numzero joined #minetest-dev |
| 22:10 |
|
numzero joined #minetest-dev |
| 22:18 |
|
Sokomine joined #minetest-dev |
| 22:19 |
|
Sokomine joined #minetest-dev |
| 22:33 |
|
Gael-de-Sailly joined #minetest-dev |
