Mzxak2.0 precaution. Very important.
#1
Posted 24 January 2002 - 05:28 PM
What did I do? ?I coded up a small ten-line code that opened and wrote to MZXAk2.exe (took less than a minute) and ran it. ?BOOM. *Crash!* went my computer, and when I restarted it MZXAk2.exe was permanently corrupted.
I would advise putting all of your important MZX files as read-only in their file properties. ?Otherwise, it's awfully easy for some maliciously scripted MZX game to blow up Megazeux.
<Exophase> HES STEALING MAH AIRSHIP!!!!!!11111111
#2
Posted 24 January 2002 - 06:18 PM
#3
Posted 24 January 2002 - 06:28 PM
#4
Posted 24 January 2002 - 07:01 PM
<+AFK> dormando's apathy is palpable.
* AFK palpates
<dormando> stop that
<Malwyn> undressing with revvy a little over a metre away. new definition of awkward.
#5
Posted 24 January 2002 - 08:15 PM
#6
Posted 25 January 2002 - 12:11 AM
Almost every programming languages allows you to alter files no matter what they are. So basically you have to assume that a mzx game has the same chance of doing harm as any other program you download.
Protection:
Make files you don't want messed up read-only. This is a good idea anyway. Also have back ups. Another possibility is simply rename the file. Make MZXak2.exe to MZX<myinits>.exe if you want.
Also if anyone releases a game that modifies an external file (one that it doesn't create) simply report it and have the person banned.
#8
Posted 25 January 2002 - 10:55 AM
Jasukan, on Jan. 25 2002,04:23, said:
Agreed. O_o
I don't like the idea of being able to write to files...
It's just asking for trouble...
#9
Posted 25 January 2002 - 04:01 PM
The file access feature should NOT be removed from future MZX versions, but maybe some precautions should be added. Maybe it can be made so executables can't be written to, or maybe there can be some sort of identifier at the beginning of the file that signifies it was created by MZXAK and will allow it to be written to (or course, you shouldn't be able to overwrite that identifier, and it would act as if the file starts immediately after it).
#10
Posted 25 January 2002 - 10:15 PM
=P
#11
Posted 26 January 2002 - 08:57 AM
Now, as for file writing/reading: while reading files is probably okay across the board, any command to write to a file should automatically add the extension ".mzf" or some such, if the extension is not included. ?This of course assumes that one is dealing with computers that can handle complex file names with more than eight characters and multiple periods. ?If that IS a concern, simply truncate the given filename at the first period, before the first illegal character, or at the eighth character in the string, and append the extension.
The effect of all this is that the only things that could ever be overwritten are said MZF files, which one would assume to be transient anyway, and if not (i.e. extra game files with constants or dialog strings or such), would be named such that it would be virtually impossible to write a "virus" to sabotoge one of them specifically. ?Since MZF is not a registered extension, much less something that can be executed in any way, and since it can't be used in MZX except as basic text (or so I assume, not having worked with it yet), there is no danger of more conventional viruses targeting the system.
But on the other hand, congratulations to Terryn (via Akwende) for finally finding a way to get MZX to crash Windows. ?And I thought it would be MadBrain...
"Terryn has a v1rU5, it r0x0rz j00r s0x0rz..."
..Ignorance is to be unaware of the truth.
....Incompetence is to be unable to grasp the truth.
......And escape is to run away from the truth.
It is useless to run, since the truth is right next to you.
-Wervyn
#12
Posted 27 January 2002 - 03:52 AM
By the way, my entire MZX directory are backupped to tape daily, as well as nearly everything I have that I don't think I'm gonna edit is read only.
[sarcasm] Another feature for MZXAK would be to be able to modify the FAT and directory structure. Hell, let's add the ability to turn off the cooling system and transformer![/sarcasm]
...well, it would be an idea.