What about GCFscape thats how people install SM and others on their listen servers, thats like the only thing valve uses, is GCF
On Tue, Mar 30, 2010 at 8:31 PM, Arg! <[email protected]> wrote: > Im certainly no expert on how the libraries are being used here, but > shouldnt the code explicitly state that certain cvars are to only come from > the replicated source, eg the game server? Sure there might be ways around > this with injection as mentioned but shouldnt the listen server (to cover > the lan side) be using a seperate copy of the engine binaries which are > affected here so when plugins are run in that context, they do not override > the cvars being replicated from the actual gameserver the client is > connected to? > > I was under the impression this problem existed because the client was > sharing binaries with another server running on the local machine, so > seperating the binaries being used would fix this surely. > > On Wed, Mar 31, 2010 at 10:12 AM, Tony Paloma <[email protected] > >wrote: > > > Also, I don't think that removing the plugin functionality is going to > fix > > anything. There are other ways to inject a DLL into a running process. > What > > really needs to happen is for VAC to be updated to detect the cheater > > plugins. > > > > -----Original Message----- > > From: [email protected] > > [mailto:[email protected]] On Behalf Of Craig H > > Sent: Tuesday, March 30, 2010 3:35 PM > > To: Half-Life dedicated Win32 server mailing list > > Subject: Re: [hlds] Plugin Loading on clients, enough is enough. > > > > Sadly this would remove the ability for people to run a server with > plugins > > through their client. I've done this in the past to host a LAN game using > a > > few plugins to play some of the gametypes people have created. While I > > agree > > something must be done, I don't really want to see that functionality > going > > away. > > > > On Tue, Mar 30, 2010 at 3:55 AM, ics <[email protected]> wrote: > > > > > Clients should never need any addons loaded. They can do just fine > > > without them too. Having any plugins installed on client can do huge > > > damage to servers so ability to run those on clients should be blocked. > > > Players game shouldnt even start if there are something within addons > > > folder on the pc or something else. Something that cannot be bypassed > > > within 1 second. If clients need plugins, they should be separate from > > > addons, like client-addons in which they could be used and not at all > on > > > a server. > > > > > > The current way is ridiculous that a CLIENT can have same plugin as > > > SERVER and have free wallhack among other things. I seriously hope they > > > are working for a fix for this and for the several other exploits that > > > currently exist within the older CSS engine and the newer ones too. > > > > > > -ics > > > > > > 28.3.2010 22:50, Charles Mabbott kirjoitti: > > > > In a general sense, there are a couple of client side plug-ins that > do > > in > > > > fact serve a valid purpose, POV-Recorder, the ESEA Client plug-in and > a > > > > couple of others. At this point I am definitely for simply locking > out > > > > plug-ins on the client side, but I would rather not lose some of the > > > > functionality these have. > > > > > > > > And on another note, the client plugin to intercept CVAR responses to > > the > > > > server has existed for quite a while now. > > > > > > > > -----Original Message----- > > > > From: [email protected] > > > > [mailto:[email protected]] On Behalf Of Dominic > > > Marciano > > > > Sent: Sunday, March 28, 2010 11:14 AM > > > > To: [email protected] > > > > Subject: Re: [hlds] Plugin Loading on clients, enough is enough. > > > > > > > > > > > > it takes someone to fall to their death before they put safety rails. > > > > > > > > > > > >> From: [email protected] > > > >> Date: Sun, 28 Mar 2010 14:56:39 +0100 > > > >> To: [email protected] > > > >> Subject: Re: [hlds] Plugin Loading on clients, enough is enough. > > > >> > > > >> How about just allowing plugins for dedicated servers? > > > >> > > > >> Just as a heads up, I'm gonna try to make a client plugin which > hooks > > > >> SVC_GetCvarValue, and just always responds with the default CVar > > value. > > > >> > > > > This > > > > > > > >> renders any server-side cheat detection (like KAC) completely > useless. > > > >> Hopefully releasing it as a POC will force VALVe to do something > (why > > > does > > > >> it always have to come to this?) > > > >> > > > >> Thanks, > > > >> - Saul. > > > >> > > > >> > > > >> On 28 March 2010 14:49, AnAkIn .<[email protected]> wrote: > > > >> > > > >> > > > >>> I don't think that's a good idea. Someone will just code a client > > side > > > >>> plugin to report false informations to the server. > > > >>> > > > >>> 2010/3/28 Keeper<[email protected]> > > > >>> > > > >>> > > > >>>> I have e-mailed somebody at valve, and simply asked them if the > > server > > > >>>> operators can see a list of plugins on the client ( like > > plugin_print > > > >>>> > > > > ). > > > > > > > >>>> This would give the operator the ability to kick if plugins are > > loaded > > > >>>> > > > > on > > > > > > > >>>> the client. But I think also looking at the GameBin will allow > the > > > >>>> > > > >>> server > > > >>> > > > >>>> to see if they are loading anything outside of the standard VSP > > > >>>> > > > >>> interface. > > > >>> > > > >>>> I don't think stopping it will be completely possible on the > client, > > > >>>> > > > > but > > > > > > > >>>> giving the server operator the choice would be a nice thing. > > > >>>> > > > >>>> But they did respond that they are working on it. > > > >>>> > > > >>>> Keeper > > > >>>> > > > >>>> -----Original Message----- > > > >>>> From: Kyle Sanderson [mailto:[email protected]] > > > >>>> Sent: Saturday, March 27, 2010 8:33 PM > > > >>>> To: Half-Life dedicated Linux server mailing list; Half-Life > > dedicated > > > >>>> Win32 > > > >>>> server mailing list > > > >>>> Subject: [hlds] Plugin Loading on clients, enough is enough. > > > >>>> > > > >>>> Since forever, players have been able to load plugins on their > > clients > > > >>>> letting them get around cheat sensitive variables such as > sv_cheats, > > > >>>> allowing them to use r_drawothermodels, mat_wireframe, etc. We > as > > > >>>> > > > > server > > > > > > > >>>> admins have had the option to install various anti cheat addons > > (Kigen > > > >>>> > > > >>> Anti > > > >>> > > > >>>> Cheat, VBAC, and than some rather lame ones for EventScripts) in > > order > > > >>>> > > > > to > > > > > > > >>>> get around these quite severe downfalls in the engine. However > now, > > > >>>> > > > > there > > > > > > > >>>> is > > > >>>> a LUA scripting interface<http://www.3rdera.com/> that has been > > > >>>> > > > >>> written, > > > >>> > > > >>>> and is now fully supporting engine exploits in order to cause > > trouble > > > >>>> > > > > for > > > > > > > >>>> server admins and for other players. No one can justify it's use, > > > >>>> > > > > every > > > > > > > >>>> single script written has been made to get around server settings > > and > > > >>>> protections put in place to keep order, and to keep the game > > fluently > > > >>>> moving > > > >>>> along. Right now, players cannot be VAC banned for using this, > it's > > > >>>> > > > > also > > > > > > > >>>> going against every single reason why VAC was created. Instead of > > > >>>> > > > >>> battling > > > >>> > > > >>>> these antics with these scripters, I'm begging you Valve to please > > > >>>> > > > > remove > > > > > > > >>>> this function from clients as there's absolutely no reason for > them > > to > > > >>>> > > > >>> have > > > >>> > > > >>>> it. I've sent two emails to a couple employees which were left > > > >>>> > > > >>> unanswered, > > > >>> > > > >>>> I > > > >>>> know others have done the same. > > > >>>> > > > >>>> Here's a forum full of countless exploits: > > > >>>> http://www.3rdera.com/forum/viewforum.php?f=5 > > > >>>> > > > >>>> If you don't want to read the wall of text explaining why players > > > >>>> > > > > should > > > > > > > >>>> not > > > >>>> be allowed to load plugins, I'm sure your common sense on the > issue > > > >>>> > > > > will > > > > > > > >>> be > > > >>> > > > >>>> more than sufficient to respond. > > > >>>> Kyle Sanderson. > > > >>>> > > > >>>> > > > >>>> _______________________________________________ > > > >>>> To unsubscribe, edit your list preferences, or view the list > > archives, > > > >>>> please visit: > > > >>>> http://list.valvesoftware.com/mailman/listinfo/hlds > > > >>>> > > > >>>> > > > >>> _______________________________________________ > > > >>> To unsubscribe, edit your list preferences, or view the list > > archives, > > > >>> please visit: > > > >>> http://list.valvesoftware.com/mailman/listinfo/hlds > > > >>> > > > >>> > > > >> _______________________________________________ > > > >> To unsubscribe, edit your list preferences, or view the list > archives, > > > >> > > > > please visit: > > > > > > > >> http://list.valvesoftware.com/mailman/listinfo/hlds > > > >> > > > > > > > > _________________________________________________________________ > > > > Looking for a new home? With all the latest places, searching has > never > > > been > > > > easier. > > > > http://clk.atdmt.com/NMN/go/157631292/direct/01/ > > > > _______________________________________________ > > > > To unsubscribe, edit your list preferences, or view the list > archives, > > > > please visit: > > > > http://list.valvesoftware.com/mailman/listinfo/hlds > > > > > > > > > > > > _______________________________________________ > > > > To unsubscribe, edit your list preferences, or view the list > archives, > > > please visit: > > > > http://list.valvesoftware.com/mailman/listinfo/hlds > > > > > > > > > > > > > _______________________________________________ > > > To unsubscribe, edit your list preferences, or view the list archives, > > > please visit: > > > http://list.valvesoftware.com/mailman/listinfo/hlds > > > > > _______________________________________________ > > To unsubscribe, edit your list preferences, or view the list archives, > > please visit: > > http://list.valvesoftware.com/mailman/listinfo/hlds > > > > > > _______________________________________________ > > To unsubscribe, edit your list preferences, or view the list archives, > > please visit: > > http://list.valvesoftware.com/mailman/listinfo/hlds > > > _______________________________________________ > To unsubscribe, edit your list preferences, or view the list archives, > please visit: > http://list.valvesoftware.com/mailman/listinfo/hlds > _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds
