Hi Philip, Yes, I do think that would solve the problem, but I would recommend limiting it to 64 KB which is Microsoft's recommendation per software product. This keeps the registry small and prevents anyone from heavily abusing it. After all, 100 values is quite a lot, and I can't imagine any game requiring that many values for program settings etc. I hope you stressed that saved games should be serialized and written to a file not stored in the registry. As long as people do that 100 values isn't necessary for program settings, registration info, etc.
On 11/21/11, Philip Bennefall <phi...@blastbay.com> wrote: > Hi Willem, > > I can insert a limit of, say, 100 values for each game. Each value can be at > most 2048 bytes in length, which would mean that a script writer could not > store more than 200 kb in the registry. Would this solve the problem for > you? > > I think though that no matter how you look at it, badly written code can > always cause more or less serious issues. I have screen reader support in > the engine where you can interrupt and stop the speech, and if someone wrote > an infinite loop accidentally that kept stopping the speech it might be hard > to shut that program down. Does this mean we should not have screen reader > support? You can also delete files with the file_delete function. Again, > something else that could be abused. There just comes a point where you need > to decide whether or not you trust the writer of the game enough to subject > your computer to their code, which is true of any game or software > application. It is hard for me as the engine designer to prevent people > from, intentionally or unintentionally, writing code that may be harmful in > one way or another. But I will certainly do as much as I possibly can to > make it more unlikely to occur, including limiting registry access if people > feel it is necessary. > > Kind regards, > > Philip Bennefall --- Gamers mailing list __ Gamers@audyssey.org If you want to leave the list, send E-mail to gamers-unsubscr...@audyssey.org. You can make changes or update your subscription via the web, at http://mail.audyssey.org/mailman/listinfo/gamers_audyssey.org. All messages are archived and can be searched and read at http://www.mail-archive.com/gamers@audyssey.org. If you have any questions or concerns regarding the management of the list, please send E-mail to gamers-ow...@audyssey.org.
