IRC log for #minetest-dev, 2022-07-05

All times shown according to UTC.

Time Nick Message
00:00 erle i think if you need to set a position A LOT, then set_pos is not the thing you want
00:00 erle you probably want some other API that does not exist, where you can animate entities or players along a path. correct?
00:01 MTDiscord <FatalError> Jesus
00:01 MTDiscord <FatalError> Would it fix the problem? Yes, would it fix a fuck ton of other problems? Also yes
00:01 paradust this is a problem in all game engines. setting the position programmatically each frame breaks physics and collision detection
00:02 paradust delay or not
00:02 erle well, i am also in favor of path prediction hints
00:02 MTDiscord <FatalError> 🤦‍♂️
00:02 erle what paradust says
00:02 MTDiscord <FatalError> Its not collision
00:02 MTDiscord <FatalError> If you want to restrict the players movement
00:02 MTDiscord <FatalError> Or have them ride on a vehicle
00:02 erle FatalError riding a vehicle is already possible using attachments though
00:03 MTDiscord <FatalError> Not i said on
00:03 MTDiscord <FatalError> As in free movement
00:04 MTDiscord <Jonathon> paradust: if not sscsm (because of security reasons), what would you propose as an alternative for usecases such as better client side prediction, adding logic for making interactions less laggy
00:05 erle Jonathon i suggest non-turing complete entity/player movement prediction hints similar to the SVG path syntax but in 3D, set by a mod, evaluated by the engine client-side.
00:05 erle this would solve A LOT of problems with laggy movement IMO
00:05 MTDiscord <Jonathon> wasnt asking you erle
00:05 paradust Jonathon: wasm sandbox for lua/anything else is appealing to me, but I might be biased. Also could drop support for all platforms except web :>
00:05 erle true
00:06 erle paradust, how is WASM sandboxing supposed to be more secure than whatever sandbox some pwnie award winner broke out and won a prize?
00:06 MTDiscord <FatalError> Also, get_pos is inaccurate by a stupidly tiny amount, however- sscsm would fix this if you could set the player pos by that fraction, essentially fixing the server's inaccuracy by directly correcting the clients fractional overshoot/servers poor prediction. What about hud waypoints? Youd be able to display the exact location of something attached to the player in real time, you could also set player look direction and angle in
00:06 MTDiscord real time without moving breaking player's look by snapping it back. You also could display objects only visible to one player, look there's just dozens of use cases
00:07 MTDiscord <FatalError> You could restrict your players movement box without jank/lag
00:07 MTDiscord <Jonathon> paradust: im not the most wasm knowledgeable, is wasm sandbox something thats builtin, or something the engine would have to brew itself (like a lua sandbox)
00:07 MTDiscord <FatalError> You could also prevent glitching through protected blocks
00:07 paradust erle: huh? Because we're relying on a sandbox developed by someone else and with a proven record, instead of rolling our own.
00:07 MTDiscord <Jonathon> near as i understand it, wasm is more of a compile target for languages?
00:08 erle yeah i wonder what is going to be sandboxed against what else
00:08 MTDiscord <FatalError> The use cases are literally infinite
00:08 paradust unfortunately the most secure option would be lifting it out of chromium, which is probably not palatable
00:09 MTDiscord <FatalError> Or making the run environment empty before running, and only add functions that are verified safe?
00:09 paradust there are standalone wasm implementations, but i'd have to look into them before i trust them
00:09 erle the most secure option is to not use a turing-complete input language. no amount of testing or verification is going to get this right.
00:09 MTDiscord <FatalError> I don't understand whats so hard
00:10 paradust FatalError: look up row hammer, spectre. Anything that can read/write any memory can potentially corrupt it and get out of a sandbox.
00:10 erle FatalError, the paper “Security Applications of Formal Language Theory” explains it in a more hardware-agnostic way http://langsec.org/papers/langsec-tr.pdf
00:10 paradust Plus LuaJIT is likely to have some miscompile bugs, given how much it crashes on some platforms
00:11 paradust Someone could find an invalid/bizarre sequence of Lua opcodes that causes LuaJIT to emit incorrect code that grants unrestricted access
00:12 MTDiscord <Jonathon> paradust: iirc, the sscsm debate seems to favor puc lua for sscsm anywyas
00:12 MTDiscord <Jonathon> *anyways
00:12 fluxionary puc lua?
00:13 MTDiscord <Jonathon> standard lua aka puc lua. its the college the spec is written at (i think)
00:13 fluxionary got it
00:14 MTDiscord <Jonathon> Pontifical Catholic University of Rio de Janeiro
00:14 fluxionary vs. luajit
00:14 MTDiscord <Jonathon> luajit is faster, and generally better, expect in instances like this
00:14 MTDiscord <Jonathon> *except
00:15 fluxionary i got in to the conversation late. why is it better for sscsm?
00:15 fluxionary because it's less likely to have terrible exploitative bugs?
00:15 MTDiscord <Jonathon> because its less exploitable, due to it not being a jit
00:15 fluxionary i trust it as much or more than i trust the core minetest packet handling code
00:16 MTDiscord <FatalError> Wait so is the difference between jit and puc runtime compilation and interpretation?
00:16 fluxionary i'm sure a lot more eyes have looked @ the luajit code than the minetest code
00:16 paradust LuaJIT security is actually a current concern for singleplayer mods at least. but those go through contentdb, which is more auditable (in theory?) than server-sent
00:16 erle if you trust the packet handling code, i wonder if you have ever compiled minetest with sanitizers
00:17 MTDiscord <FatalError> Dont we use regular lua and not JIT for mods?
00:17 erle paradust yeah, about as secure as the chrome web store LOL
00:17 MTDiscord <Jonathon> flux: you indirectly bring up another point, for sscsm you're going to want some sort of network encryption, since you dont want mitm attacks
00:17 erle i am joking, of course, cdb at least gets a human to look at the stuff
00:17 fluxionary but minetest is fixed on lua 5.1. is *that* even developed anymore either?
00:18 MTDiscord <Jonathon> luajit yes, puc lua, no
00:18 MTDiscord <FatalError> Is there some way to look through code to find things that could cause vulnerabilities?
00:18 erle Jonathon good point. i guess this nips it in the bud for now.
00:18 MTDiscord <FatalError> I mean, tbh I dont understand the problem, minetest mods seem to be pretty secure
00:18 MTDiscord <Jonathon> minetest is fixed on lua 5.1 because puc lua isnt backwards compatible, and luajit is breaking compat any time soon
00:18 MTDiscord <Jonathon> *isnt
00:19 fluxionary Jonathon: a reasonable point, but there's "political" questions about how to solve that (i.e. what sort of encryption tech)
00:19 MTDiscord <Jonathon> minetest mods are not that secure, look no further than the server attacks a while back
00:19 MTDiscord <FatalError> I didnt hear about this
00:19 erle FatalError, not lua-related, but compile minetest with the compiler flags “-fsanitize=undefined” and “-fno-sanitize=vptr”, then play the game and watch the console
00:19 MTDiscord <Jonathon> flux: sure, and do we roll our own, use a library, etc? cause the srp is all our own
00:19 MTDiscord <Jonathon> srp aka auth
00:19 MTDiscord <FatalError> They were from server mods?
00:20 fluxionary Jonathon, yeah, i'm aware of that. i looked at that code at one point and didn't see anything that was a red flag to me
00:20 erle you meant the server attacks using the player login flow crash or the one using the “teleport to wherever” crash or what?
00:20 MTDiscord <Jonathon> also flux, the whole debate here is politics. its going to be that way till someone actually writes an implementation, and then it gets reviewed
00:21 MTDiscord <Jonathon> thats the minetest way lol
00:21 erle no, then it gets fixed
00:21 erle remember when i asked how to change the main menu and then it turned out some settings enabled you to make mods that change the main menu
00:22 erle i think if someone makes a CSM implementation, the first order of business is to fix it so it can't do interesting stuff
00:22 erle because interesting is dangerous
00:22 erle i mean a SSCSM implementation
00:22 fluxionary Jonathon: fair. i don't think encryption should be an absolute requirement before implementing SSCSM. ultimately it should be a choice of the client whether to run such code, and perhaps should be disabled by default.
00:23 erle btw, luk3yx made this https://git.minetest.land/luk3yx/sscsm
00:23 MTDiscord <Jonathon> flux: id argue that it should be enabled by default, but disablable if people want, like js.
00:23 MTDiscord <FatalError> Nobody is going to use it though is the problem
00:23 MTDiscord <Jonathon> and greenxenith made one as well
00:23 MTDiscord <Jonathon> LOL, muc uses that fatal
00:23 erle fluxionary if it should be the choice of the client, then ”host CSMs on CDB and make the CSM experience nicer” could be a good start, no?
00:23 fluxionary Jonathon: i think it should be enabled by default eventually, but probably not for a few years until we see problems that arise
00:23 MTDiscord <FatalError> Not to mention the API for csm fucking sucks
00:24 MTDiscord <Jonathon> flux: so like a shadows thing basically? i could agree to that
00:24 fluxionary erle: are CSMs not allowed on CDB? i didn't know that
00:24 MTDiscord <Jonathon> csms arent allowed on cdb because they're experimental
00:24 fluxionary hm
00:24 erle fluxionary you have to ask rubenwardy. i think i can make a package that sneakily contains a CSM, but i bet that's against the rules.
00:25 erle (so i will not)
00:25 fluxionary erle: it'd have to be installed in a different manner, if that code doesn't exist, it's probably not easy to sneak it in
00:26 erle fluxionary i do not want to talk about it. i will not sneak anything in anywhere.
00:26 erle but i am certainly aware that people could
00:27 MTDiscord <Jonathon> you could make a mod that has a csm part to it, and add the additional installation effort or whatever the tag is called to it
00:27 MTDiscord <Jonathon> *complex installation
00:28 MTDiscord <Jonathon> course to date, i dont (citation needed) think anyone has done this, so when it comes up for review it would be a first policy decider
00:28 MTDiscord <Jonathon> if you try to add a mod with a blank init.lua, and install this included csm, thats going to be rejected as you just trying to get around the rules
00:28 erle wdym policy decider
00:28 erle tbh i think CSMs should be activatable like texture packs
00:30 erle now i wonder if i can draw the player location via CSM in HUD for xmaps hehe
00:31 erle but tbh i'd rather have a way to tell the HUD that some coordinates are player_pos_x * a + b and player_pos_z * c + d
00:31 erle and let the engine handle the rest
00:31 MTDiscord <Jonathon> paradust: cycling back a bit, while in theory cdb could be more auditing of code for mods, the problem because that once approved, users can make whatever updates they want after that.
00:32 MTDiscord <Jonathon> so you would have to make every update be reviewed, which would suck
00:32 MTDiscord <Jonathon> also, this had led to license issues in the past from new content being added to a mod
00:33 MTDiscord <Jonathon> not that im advocating this, but you could get a basic couple node mod approved into cdb, and then turn it into some sort of malware, etc
00:33 erle Jonathon are you referring to the mcl textures? cora figured out that the newer releases of the texture pack that mcl mods use basically just copied textures from minecraft, so it's an upstream issue and *hopefully* will no longer happen.
00:34 erle (i.e. the texture pack maintainer antagonized a bunch of devs that way)
00:34 MTDiscord <Jonathon> im referring in general to a lot of issues.
00:35 MTDiscord <Jonathon> stop trying to scope general statements that refer to a multitude of issues to a specific issue
00:35 MTDiscord <Jonathon> erle ^
00:37 erle ok
04:00 MTDiscord joined #minetest-dev
05:41 calcul0n_ joined #minetest-dev
07:04 olliy joined #minetest-dev
09:44 HuguesRoss joined #minetest-dev
09:57 appguru joined #minetest-dev
11:59 jonadab joined #minetest-dev
12:47 proller joined #minetest-dev
12:55 erle joined #minetest-dev
13:01 kilbith https://www.youtube.com/watch?v=jrxcztUFLjc
13:28 kilbith I'll change it to `player:set_active(cam1)` instead of `cam1:set_active`
13:33 Fixer joined #minetest-dev
15:38 appguru joined #minetest-dev
16:31 MTDiscord <MisterE> Really nice. Get it merged.
16:52 kilbith still a long way
18:18 CowboyLv joined #minetest-dev
18:24 CowboyLv I am developing a biome mod as a learning exercise, have been quietly for a few months.
18:24 CowboyLv This mod is vanilla themed to the core
18:24 CowboyLv everything is 16x16
18:25 CowboyLv And of course. A good chunk of my assets are remixed mtg assets
18:26 CowboyLv Can I have my remixes of these assets licenced under Creative commons 4 equivalent of the mtg asset license
18:26 CowboyLv or I am obligated to have these derivatives stuck at CC3
18:28 CowboyLv note the "equivalent" part in my question
18:46 rubenwardy This channel is for core development, mod questions should be in #minetest
18:47 rubenwardy (I know you already posted there, just saying this is the wrong place)
18:47 CowboyLv It's fine :) Best server btw
20:55 proller joined #minetest-dev
22:35 panwolfram joined #minetest-dev
23:24 erle joined #minetest-dev
