[Suggestion] IO.WriteFile and IO.ReadFile

EK.IceFlake · Jun 08, 2017, 12:31 PM

Would be nice if we'd have some client-side storage-limited IO locked to the store folder.

null IO.WriteFile(string path_relative_to_the_store_directory, array<int> buffer);
array<int> IO.ReadFile(string path_relative_to_the_store_directory);

:edit: Files in store are cleared if they do not exist in the server's store directory every rejoin. Maybe VCMP/04beta/serverdata/ip-port.
:edit: Stream functionality like file in sqstdlib would be even better due to efficiency.

KAKAN · Jun 09, 2017, 10:34 AM

This was discussed before. I agree, we should be given a space of like 5MB to store our data in client side. But writing and reading files, never.

EK.IceFlake · Jun 09, 2017, 10:36 AM

Quote from: KAKAN on Jun 09, 2017, 10:34 AMBut writing and reading files, never.

How else and why not?

vito1 · Jun 09, 2017, 10:38 AM

Quote from: EK.IceFlake on Jun 09, 2017, 10:36 AMHow else and why not?

SQLite for example and security reasons.

KAKAN · Jun 09, 2017, 10:39 AM

localStorage or IndexedDB in JS standards. Something like that.
And for the other part, I said that it was discussed. So search it.

EightyVice · Jun 09, 2017, 05:01 PM

You read my mind about that , +1
but you know maybe it abused like making viruses and so on :v

Stormeus · Jun 09, 2017, 09:52 PM

We will never allow arbitrary client-side I/O since it can be abused to write malicious executables that automatically run when the player's computer is restarted.

At best we could give a limited amount of space per server for a key/value store.

EightyVice · Jun 09, 2017, 11:28 PM

Quote from: Stormeus on Jun 09, 2017, 09:52 PMWe will never allow arbitrary client-side I/O since it can be abused to write malicious executables that automatically run when the player's computer is restarted.

At best we could give a limited amount of space per server for a key/value store.

What about making a folder for the files and disallow the way to reach to any folder and making specific extintions that can't be excited
Like bat exe vbs and so on?

Stormeus · Jun 10, 2017, 02:09 AM

Quote from: Zeyad Ahmed on Jun 09, 2017, 11:28 PM
Quote from: Stormeus on Jun 09, 2017, 09:52 PMWe will never allow arbitrary client-side I/O since it can be abused to write malicious executables that automatically run when the player's computer is restarted.

At best we could give a limited amount of space per server for a key/value store.
What about making a folder for the files and disallow the way to reach to any folder and making specific extintions that can't be excited
Like bat exe vbs and so on?

Sure, I'll just surreptitiously write 500GB of data to your hard drive to exhaust it then.

Oh, I know how to fix that, we'll just limit the amount of space a server has to write to the client's disk. But maybe I can crash your computer by writing a file named $MFT. In which case we can limit writing data to a specific file per server, or limit the types of data that can be written.

Now we're just at this suggestion:

Quote from: KAKAN on Jun 09, 2017, 10:34 AMwe should be given a space of like 5MB to store our data in client side

Quote from: KAKAN on Jun 09, 2017, 10:39 AMlocalStorage or IndexedDB in JS standards. Something like that.

EightyVice · Jun 10, 2017, 04:55 AM

Quote from: Stormeus on Jun 09, 2017, 09:52 PMOh, I know how to fix that, we'll just limit the amount of space a server has to write to the client's disk. But maybe I can crash your computer by writing a file named $MFT

What the F*ck
That's why my D: Drive is corrupt and it says some $MFT bla bla and i cant do check desk
you know something i got a big :v

EK.IceFlake · Jun 10, 2017, 04:58 AM

I'll then recommend client-side SQLite storage, maybe with reversed endianness to prevent users from tampering with it using ordinary SQLite editing tools.

Xmair · Jun 10, 2017, 06:58 AM

Quote from: Zeyad Ahmed on Jun 10, 2017, 04:55 AM
Quote from: Stormeus on Jun 09, 2017, 09:52 PMOh, I know how to fix that, we'll just limit the amount of space a server has to write to the client's disk. But maybe I can crash your computer by writing a file named $MFT
What the F*ck
That's why my D: Drive is corrupt and it says some $MFT bla bla and i cant do check desk
you know something i got a big :v

For fucks sake we can read what you're saying there's no need for the size tags.

Stormeus · Jun 10, 2017, 08:36 AM

Quote from: EK.IceFlake on Jun 10, 2017, 04:58 AMI'll then recommend client-side SQLite storage, maybe with reversed endianness to prevent users from tampering with it using ordinary SQLite editing tools.

Why would you store anything on the client-side that you can't trust the client not to modify?

maxorator · Jun 10, 2017, 08:36 AM

Quote from: EK.IceFlake on Jun 10, 2017, 04:58 AMI'll then recommend client-side SQLite storage, maybe with reversed endianness to prevent users from tampering with it using ordinary SQLite editing tools.

If you don't want the users to see or edit something, you should not be storing it on the client side. We will not be giving people the false sense of security that their completely broken approach is somehow okay. If anything, this store should be something standard that is easy to debug with existing tools.

DizzasTeR · Jun 10, 2017, 08:38 AM

What about XML data saving?

[Suggestion] IO.WriteFile and IO.ReadFile

vito1