Thread
:
Security question ... what can source mode access on a windows machine ?
View Single Post
asherkin
SourceMod Developer
Join Date: Aug 2009
Location: OnGameFrame()
06-01-2020 , 08:57 Re: Security question ... what can source mode access on a windows machine ?
#
4
The SourceMod plugin runtime is not sandboxed, plugins can access anything that the SRCDS process can access (which is probably going to be the same as anything the user running SRCDS can access).
You should treat a compiled plugin as you would any other executable code. If you're talking vulnerabilities rather than intentionally malicious code (all SourceMod plugins are legally required to be distributed with source code, so you can always audit and compile them yourself), I'd be a lot more wary of SRCDS itself personally.
There's no great risk here, just isolate SRCDS as you would any other server daemon.
__________________
Spider - A Replacement Webcompiler
Accelerator - Crash Reporting That Doesn't Suck
VTable.js - In-browser Virtual Function Table Dumper
TF2Items
|
SteamTools
|
VPhysics
|
RocketBounce
|
Free2BeKicked
|
Connect
|
Webcon & Conplex
asherkin
View Public Profile
Send a private message to asherkin
Visit asherkin's homepage!
Find More Posts by asherkin