Let's talk about backdoors

Right since I feel bad cluttering up the WAYWO thread with arguments about how combatting backdoors is best fulfilled. I presented a potential approach to the problem and it was met with a significant quantity of deconstruction on the idea that users should just have to read everything - an idea that I don’t think we can fully credit but let’s have an actual discussion about it.

Moat presents the following pie chart from a sample of 100 workshop backdoors:

Note: as far as I can tell he didn’t read what happens in timer, http or chat command. The three largest groups could be dealt with in a whitelist style system that was proposed in the WAYWO thread.

From the outset we should define the constraints of our model, to me that looks somewhat like this:

  1. We shouldn’t expect every backdoor to be found through an audit.
  2. We shouldn’t trust workshop addons to always be clean - especially after an update.
  3. We should expect the average user to not be able to audit through the several tens of thousands of lines of code that run through a server. It would take far too long and the alternative of “don’t use it” defeats the purpose of community made scripts.

Can we have a civilised discussion about this that doesn’t dissolve into “natural selection for servers” - a concept that is still bizarre to me.

I never considered what you were going to make was meant for the public. In which case, almost anything you make will be bypassed, so before you do anything I recommend you learn a lot more about g/Lua. - Even your WAYWO example has syntax errors.

There is a bot that scans new workshop addons and sweeps (doesn’t remove) the workshop every now and again for malicious code that is then sent to glua.team elves to determine if there’s a backdoor or not. Rubat is emailed at the very least once every week or two with backdoor’d workshop addons, and he has been doing a great job removing them. People are abusing exploits or having dumb admins run Lua now, workshop backdoors are really slowing down.

Decent servers that don’t rely on fuckloads of workshop addons should be fine anyway. Just extract everything and quickly scan through it yourself, then use the extracted version instead of the version on workshop. There’s not much that can be done about backdooring, skids are always going to find a way around it.

How would you, Garry’s Mod, Source or Lua know what a backdoor is? The first step to prevention is detection. If you cant detect a backdoor how can you tell people about it?

The only way to programatically detect a backdoor is the either have a list of suspicious commands that you could use static analysis to detect or run the command and find out what it did.

In the end, all console commands are executed on the server. The server has root access to the server and if the server is the one executing the command, you are immediately in an awkward spot. If the server should never run the console command, easy. If its something like an admin concommand where the server needs to be able to execute it as well as players then its tricky.