Remove Ban Feature from DreamDaemon

BYOND Forums

Announcements · BYOND Help · Bug Reports · Feature Requests · Beta Testers · Beta Bugs · Developer Help · Design Philosophy · Demos & Libraries · Tutorials & Snippets · Art & Sound · Classified Ads · Game Updates · Contests & Events · Linux Talk · On Topic · Off Topic

ID:133989 Aug 19 2007, 6:26 am (Edited on Aug 19 2007, 6:37 am)
Kakashi24142	I want the ban feature removed from DreamDaemon because the host could ban the owner of the game and all the other enforcers and take control. You might say "Why not use a trusted host?". Even if they are trusted, you never know when they might go bad. If not remove it, at least give a certain variable in code the power to control if the host can ban through DreamDaemon.

Aug 19 2007, 6:37 am
Crashed	Hmm, you used to be able to rig world.IsBanned() to always allow yourself, and any trustees into the game no matter if you're pager-banned or not. I don't think IsBanned has any effect over Dream Daemon's bans, so I support changing the ban functionality in DD.

Aug 19 2007, 7:07 am
Android Data	The whole argument is moot. The host is the one with the power, and there is nothing you can do about that as a developer. Removing or limiting DD's ban feature won't help either. It'll only cause the host to be slightly annoyed, as they have to go through the additional trouble of using `netstat` to determine your IP and use an external firewall to ban it. -- Data

Aug 19 2007, 8:33 am

Jtgibson

A host can always ban you, regardless of what Dream Daemon allows them to do. Exposing these features helps protect hosts from bad players, especially if some bone-headed developer failed to provide adequate administrative features to allow a host to protect his own server!

Again, people need to get away from this whole mentality that it's their game. Even if you designed it, drew it, and programmed it, the game belongs to the players: without them, your game would be forgotten overnight.

Really, if you really don't know "when they might go bad", they're not trustworthy. Until you can answer that question definitively, don't give them your hosting files.

There are also other solutions for rogue hosts, which any search of these forums can present. For instance, you can include a remotely-hosted whitelist or blacklist which the game periodically checks, or you can have kill signals received via world.Import() and send those from your own control program.

Ultimately, if you don't want a host going bad, don't give them a reason to in the first place. Hand-pick your hosts very carefully. Check references. Write legal contracts if you have to.

Aug 19 2007, 9:55 am (Edited on Aug 19 2007, 1:59 pm) In response to Jtgibson
Yorae	What you could do is use an external server that you control if the world can start up if the ip of the host is not on a list. This will bring power back to the developer and not the host you should be able to do this with php. Yorae Edited: Sorry was half awake

Aug 19 2007, 10:29 am In response to Yorae
Jtgibson	Yorae wrote: What you could do is use an external server that you control and you control if the world can start up if the ip of the host is not on the list. This will bring power back to the developer and not the host you should beable to do this with php. Mentioned that. That's what a blacklist is. =)

Aug 19 2007, 10:45 am

In response to Yorae

Android Data

Yorae wrote:

This will bring power back to the developer and not the host you should beable to do this with php.

Ultimately, it will not do this, since the host can bypass this by faking a successful connection.

If you do a world.Export() call to http://mysite.com/authentication.txt and verify that the file authentication.txt contains the text string "1", it would work at first.

But all the host needs to do is bypass it would be to reroute traffic to mysite.com to their own machine and host their own authentication.txt file with their own webserver.

Note that in order to do this the host doesn't even need to forward ports or anything; a local-only connection is easily possible.

And don't even think about putting some kind of password in authentication.txt: since the host must have the ability to read from this file (in order to determine if the password is correct) it can be easily read by anybody else.

On second thought, such a system may be able to work if the PHP script generates a specific key which changes everytime the script is accessed. However I believe it is possible to create a macro that will be able to override this.

-- Data

Aug 19 2007, 10:55 am In response to Android Data
Kaioken	Been discussed a lot of times already and said, people don't seem to get or read it. Hell, been argued before 4.0 was public released. It's arguable most people won't actually use their firewall to block, too noobish really... but as Lummox is in the host camp anyway its futile. We really need pinned topics now not only for this, what's the holdup?

Aug 20 2007, 12:54 am In response to Kaioken
digitalmouse	sticky threads are on the list. more important to get 4.0 stable. this topic had been discussed at length before. search is your friend! closed.