File Approvement is.... yeah you know.... -.-

Discussion in 'BukkitDev Information and Feedback' started by fredlllll, May 6, 2012.

Thread Status:
Not open for further replies.
  1. Offline

    ZachBora

    File checkers?
    *Lolmewn and ZachBora get assassinated for knowing and saying too much.*
     
    MrBluebear3 likes this.
  2. Offline

    Lolmewn

    Oh so that's why alarm went off! (No seriously, it went off :confused:)
     
  3. Offline

    Gravity

    http://forums.bukkit.org/threads/file-approvement-is-yeah-you-know.74334/#post-1109976
    http://forums.bukkit.org/threads/file-approvement-is-yeah-you-know.74334/#post-1345965
    http://forums.bukkit.org/threads/file-approvement-is-yeah-you-know.74334/#post-1345969

    That's been suggested at least twice already and responded to more times. Please read the thread.
     
    MrBluebear3 likes this.
  4. Offline

    jast

    Okay, you seem to have some experiences with people to upload malicious code. Personally, I have a hard time believing though that the amount of malice warrants the level of security imposed, since plenty of sites offer software used on a much larger scale do not rely on such a strict protocol.

    Are there any file approval logs or statistics that are likely to change my mind?
     
  5. Offline

    ZachBora

    What if we told you there has been malicious uploads and the people have been dealt with accordingly?
     
  6. Offline

    jast

    Then that's great, but the aim of my request is not to be convinced that there has been malicious uploads (I'm sure there were), but that it's such a problem that it warrants complete control over every single file. Not even the TSA is that paranoid.
     
  7. Offline

    lDucks

    Why can't you just be happy that there are people dedicating their free time to making sure every file is safe and secure. I'd prefer that over people uploading files at their will. Its good to know, as a server owner and developer, that you're not downloading something malicious because it has been cross checked by other developers.
     
  8. Offline

    Hoolean

    Why are you worrying? People can download plugin files before they're approved anyway!
     
  9. Offline

    mbaxter ʇıʞʞnq ɐ sɐɥ ı

    If you're found to be linking to unapproved files your project will be bounced back until that link is removed.
     
  10. Offline

    Hoolean

    Really? When was this announced D:

    I've done it once or twice because I'd seen it on other projects :(

    I'm sorry, I didn't know it was unacceptable D:...
     
  11. Offline

    lol768

    More info:
    http://wiki.bukkit.org/BukkitDev:Project_Submission_Guidelines#Download_Links

    As far as I know, the only exceptions are continuous integration servers (as stated on the Wiki) (e.g. Jenkins or whatever else is available now)
     
  12. Offline

    Gravity

    I needed to create a pack of malicious files that we could use to train our staff. Instead of making them, I just went to my file history and pulled like 15 of them off the first few pages of activity. We don't keep statistics, but you can rest assured that we're not doing this just because we can. That makes zero sense; there's no incentive for us to do all this work if it's not warranted.
     
    lDucks, Cowboys1919 and MrBluebear3 like this.
  13. Offline

    zachoooo

    But how do we know we can trust those other developers! What if the whole bukkit team is secretly implementing methods to destroy minecraft as we know it and send out dangerous plugins! #conspiracytheories
     
  14. Offline

    lDucks

    [​IMG]
     
    zachoooo likes this.
  15. Offline

    jast

    Okay then, after talking to other file moderators, I'll trust the situation really just is that bad. I still wonder why though.

    It would be great, however, if you could come up with a process or heuristic that allows plugin developers with a good track record to get approved by default (and perhaps later checked)
     
  16. Offline

    Gravity

    Again, while it would be nice, the battle of convenience vs. security is inherent to this field. For instance, you may find it easier to use one password for every site, but it takes a severe toll on security.

    If implemented, even developers who may not themselves be malicious may not take care of their account's credentials, and subsequently could become subject to people trying to get access to their account just to get a file online for an hour. That's ALL it would take. This suggestion would make them prime targets for attack, and would weaken the security we have put in place. Furthermore, we couldn't tell people their file is verified as secure because we have no idea if it actually is or not.
     
  17. Offline

    jast

    I can think of easier ways to get evil code on servers. For instance:
    • my plugin requires an external library, which the plugin page instructs users to install. I replace it with a slightly modified version.
    • I have good relations to several server owners. I link them a quick bugfix with "extra".
    • I setup a CI server, as per the plugin rules. Of course, the download links there are special.
    My point being, user accounts are not likely the weakest link.
     
    zachoooo likes this.
  18. Offline

    ZachBora

    That's why I only download from bukkitdev, or build.sk89q.com... usually...
     
  19. Offline

    Gravity

    • Our policy extends to off-site downloads as well. If you're encouraging people to download a library from your site instead of the official one, that's a no-no.
    • You're a bad person
    • CI server links are regulated by our rules as a gesture towards developers. If you really want to consider abusing them, we'll link you when we deny further attempts for people to use them.
    User accounts may not be the weakest link, but they are a source of MASS distribution when uploading a file. You may be able to get a file on someone's server by yourself, but someone with access to a huge developer's account can get a file on tens of thousands.
     
  20. Offline

    np98765

    It's not just the new developers that submit malicious code. "Trusted" developers can and have uploaded backdoors, too.
     
    h31ix likes this.
  21. Offline

    jast

    I know you have the policy, but you're not implementing the same level of safeguard at every point. Not that I'm saying you should...

    I concede this point. I would still argue about the actual damage being done. There's only limited value in compromising Minecraft servers (mostly lulz).

    I have no doubt. My question is only, how often does it happen?
     
  22. Offline

    Gravity

    It happens, and therefor we cannot implement something like this with a clear conscience, let alone doing it with all my previously mentioned points.
     
  23. Offline

    netherfoam

    I'm comfortable with the current system frankly. I know a rival server who uses my plugin (And I hate them ;)) - I'd be tempted to put a backdoor if it weren't for Bukkit moderating their plugins, in all honesty.

    Everyone does Dropbox links though, and I'm pretty sure (Almost) everyone knows that those files aren't bukkit approved (If they don't, well, they probably don't have much of a server to screw over).

    So I'm glad Bukkit moderates it. Keeps people honest. The automated scanning thing is cool, if you could write a script to stop bogus plugins from being uploaded in the first place - As some have said, you can still download files, without the link.

    And if your users really trust you, they can always go to your plugin, hit Subscribe, Tick Files, and save. Whenever they upload a version, you'll see it in your newsfeed the moment it's uploaded, and you can download it.
     
  24. Offline

    ZachBora

    I can't remember which plugin, it was something to do with common banlist of multiple servers... but anyway, they had hardcoded the names of their developpers in it and there was a huge controversy about it. People thought it was preventing them from being banned and stuff. I think it turned out all it did was color their name differently. But that's still not something you should be doing on a public plugin. It's like if I made PlotMe change my name to "ZachBora, PlotMe dev" on servers using my plugin.
     
  25. Offline

    Gravity

    If you see a project that uses offsite download links, report it please!
     
  26. Offline

    schmidtbochum

    I think this "backdoor" is enough. Maybe you should even display a warning message on the download page to show that the file has not been approved yet.

    There are so many idiots on the internet.What if someone overtakes the Account of the Essentials/WorldEdit Plugin and uploads malware?

    Keep up the good work!
     
  27. Offline

    ZachBora

    As much as I like ichat... he has links to his website on it to get latest versions. http://dev.bukkit.org/server-mods/ichat/


     
  28. Offline

    mbaxter ʇıʞʞnq ɐ sɐɥ ı

    ZachBora Report as in use the BukkitDev report feature ;)
     
  29. Offline

    Deathmarine

    I want to finish this statement.
    File Approvement is.... yeah you know, its.... AWESOME!!
     
  30. Offline

    Hidendra

    ah yes, MCAdmin. It also had hidden global bans so the developers could ban anyone they wanted from every MCAdmin-supported server (which was exposed when they used it to ban someone they disliked). It probably did other things. I forget too, though.
     
Thread Status:
Not open for further replies.

Share This Page