From d62872cf05abeccd5030177ceaf6133d088dd333 Mon Sep 17 00:00:00 2001 From: mahid Date: Wed, 17 May 2023 18:05:12 -0500 Subject: [PATCH] Added some basic code for security check Since Prepping API security is no laughing matter, I've went ahead and added some basic code for a security check. It's test based and will ask the user to answer a bunch of questions related to Python and malicious scripting. Am I harsh in the comments? Yes, but I think it's needed as we're dealing with something that if done wrong could compromise user systems. As I stated in #329 > If we make the Prepping API too easy to enable and users suffer as a > result, I personally believe the blame would lie on us as we could > have made this far harder to exploit. I don't care about what other addons do, our audience is full of 12 year olds that want to have fun by making Minecraft animations, security is certainly not on their minds. I'll be pulling example code from Python malware I find on the internet (to those that submit that code on GitHub for people to be aware and comment it well, I'm grateful), so there's going to be a varity of code in these questions. --- MCprep_addon/conf.py | 11 ++++++++++ MCprep_addon/prepping_api.py | 42 ++++++++++++++++++++++++++++++++++++ 2 files changed, 53 insertions(+) create mode 100644 MCprep_addon/prepping_api.py diff --git a/MCprep_addon/conf.py b/MCprep_addon/conf.py index ef7a1f8d..3e46f7c0 100644 --- a/MCprep_addon/conf.py +++ b/MCprep_addon/conf.py @@ -95,6 +95,17 @@ def __init__(self): # If ever changing the resource pack, should also reset to None. self.material_sync_cache = [] + # Security check + # This checks to make sure that the user understands the consequences of + # enabling the prepping api. + # + # We have to do it this way because our userbase is mostly naive 12 year olds + # and sandboxing Python is damn near impossible + # + # Could this check be forged? Sure, but if someone was able to change this check, + # they likly know what they're doing. + def security_check(self): + pass # ----------------------------------------------------------------------------- # ICONS INIT # ----------------------------------------------------------------------------- diff --git a/MCprep_addon/prepping_api.py b/MCprep_addon/prepping_api.py new file mode 100644 index 00000000..6753b17c --- /dev/null +++ b/MCprep_addon/prepping_api.py @@ -0,0 +1,42 @@ +# IMPORTANT, READ!!! +# ------------------- +# Hello there, StandingPad here, it seems like you want to use +# the Prepping API! Well let me let you in on a little secret. +# +# If you do not understand Python or what Python code +# is unsafe, or you do not verify your downloads, then +# DO NOT ENABLE THIS API. Seriously, this API allows arbitrary +# Python scripts to run in place of Prep Materials (that's the whole +# point), and Murphy's Law states: +# > Anything that can go wrong will go wrong. +# +# We are not responsible for any damage that occurs to your system by +# this API. If damage occurs, then IT IS YOUR FAULT. +# +# "Can't you use do that sandboxing thing?" +# No, we can't, not in Pure Python. The creator of Pysandbox says it himself: +# > I now agree that putting a sandbox in CPython is the wrong design. There +# > are too many ways to escape the untrusted namespace using the various introspection +# > features of the Python language. +# +# If you have to Google the answers, then guess what? You should not use this API. I'm sorry +# for being harsh, but that's the harsh reality. This API is powerful, but can seriously do damage +# if you run a script that is malicious +# +# With that, if you still don't want to listen, I guess you can continue on. Don't blame us MCprep +# developers if through your negligence you end up losing everything on your system. +def read_the_section_above(): + # FOR ALL QUESTIONS, YOU MUST RETYPE THE ANSWER (including the number!!!!!) + # Question 1. + # Why is the section above important? + # 1. It isn't + # 2. Because enabling the API could do some serious harm to my system + question_1 = "" + + # Question 2. + # What does the following Python code do? + # address = os.getenv('LOCALAPPDATA') + '\\Programs\\Python\\Launcher\\py.exe' + ' ' + '-i ' + '"' + path + '\\' + file_name + '"' + # 1. It adds a Python script to startup on Windows + # 2. It does nothing + # 3. It makes sure I have Python installed + question_2 = ""