Restricting VSP interface wouldn't help, sadly. I have no idea how VAC works, but there should be no untrusted native code running in the same process as the game. Plugins are untrusted. It's (IMO) an architectural flaw that listen servers leak into the client in the way they do.
A short-term fix would be stopping clients from connecting to VAC servers when they have plugins loading, and VAC-flagging clients who manage to still connect. Valve has known about this problem for ages. It's just not an easy problem to fix. -dvander On 4/12/10 6:08 PM, Michael Krasnow wrote: > I think a restricted VSP interface would be good, but if that can't be done > then i would remove it > > Sent by my imaginary iPad > > On Mon, Apr 12, 2010 at 5:49 PM, Kigen<[email protected]> wrote: > >> Indeed, if I wanted to I could create a massive cheat with SourceMod >> and VAC wouldn't do much about it since its SourceMod that is doing it >> since the plugins are simply byte code that SourceMod executes. >> >> On Mon, Apr 12, 2010 at 4:36 PM, Donnie Newlove >> <[email protected]> wrote: >>> Even if that is true that's not the whole truth. A big problem is that >>> completely legitimate tools used on the server side and which works >>> even on listen servers are also active in client mode. This turns >>> admin mods like SourceMod into hacks. Should VAC ban users with a >>> SourceMod install? The only way to solve this in a reasonable manner >>> is to turn this feature off. >>> >>> On Mon, Apr 12, 2010 at 10:10 PM, HL-SDK Synths<[email protected]> >> wrote: >>>> I have the hotdogs, let's now find some sticks on which to roast them. >>>> >>>> Hi, I am the author of the post on G-D you linked to. I appreciate what >> you >>>> have worked for, I truly do. It is unfortunate that more methods are not >>>> available to you (it seems that simple by-name querying is as far as it >>>> goes). >>>> >>>> As for bans, I'd like to clarify that using the plugin interface is no >> way >>>> at all ban proof. If I decide to overwrite game code, I can expect a >> ban. If >>>> this "proofen" status was the case, I would be acting like Hatter does >> on >>>> Assault Cube: >>>> http://forum.gamedeception.net/threads/19310-Assault-cube-Bo00om >>>> >>>> Headshotting the wntire team all at once without moving. Enough >> hyperbole. >>>> >>>> *My point: "VSP" IS EXACTLY LIKE LOADING VIA INJECTOR, IT IS NO SAFER. >>>> *The only benefit is the interface which provides load and unload. I can >> do >>>> all of that with an extra plugin emulating the VSP interface. You have >> done >>>> a good job of blocking namestealers and people who abuse sourcemod, and >> for >>>> that I am sure many servers are more playable.* >>>> * >>>> I have no analogies. >>>> >>>> On Mon, Apr 12, 2010 at 3:49 PM, 1nsane<[email protected]> wrote: >>>> >>>>> Bad analogy?! Perfect analogy! >>>>> >>>>> On Mon, Apr 12, 2010 at 2:53 PM, ics<[email protected]> wrote: >>>>> >>>>>> If you say that to an alzheimer patient, you have to say it again, >> and >>>>>> again, and again and they each time you say that, they forget it soon >>>>>> after. Ok ok, bad analogy but they aren't really paying attention or >> it >>>>>> would be fixed already, along with all the other exploits in the >> engine. >>>>>> >>>>>> >>>>> _______________________________________________ >>>>> To unsubscribe, edit your list preferences, or view the list archives, >>>>> please visit: >>>>> http://list.valvesoftware.com/mailman/listinfo/hlds >>>>> >>>> _______________________________________________ >>>> To unsubscribe, edit your list preferences, or view the list archives, >> please visit: >>>> http://list.valvesoftware.com/mailman/listinfo/hlds >>>> >>> >>> _______________________________________________ >>> To unsubscribe, edit your list preferences, or view the list archives, >> please visit: >>> http://list.valvesoftware.com/mailman/listinfo/hlds >>> >> >> _______________________________________________ >> To unsubscribe, edit your list preferences, or view the list archives, >> please visit: >> http://list.valvesoftware.com/mailman/listinfo/hlds >> > _______________________________________________ > To unsubscribe, edit your list preferences, or view the list archives, please > visit: > http://list.valvesoftware.com/mailman/listinfo/hlds _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds
