7 replies to this topic

[Ajt86]

While it is possible to, in some way, modify the ROM by screwing with the fs / io API, I would like to change rom/startup because it can cause security exploits (most notably with disks) and modifying the API just doesn't make the cut because rom/startup is already run before /startup. I would also like it to be possible to have each computer have a custom rom, to allow for it on servers.

Would it be possible to allow the person who placed the computer to modify the rom directory or allow its modification only when a new computer is placed (computer must be backed up and replaced to fix)?

This system could become 100% secure simply by requiring that the person labels their computer and the OS checks the computer's ID every startup to verify that a potential hacker hasn't (somehow) copied all files off and replaced the computer with a new one. On top of that, the hacker wouldn't even be able to obtain the files without breaking into the OS, assuming the OS is custom and supports user-level security (or file encryption).

Here's how exactly it could work...

• User places a new computer (new ID generated)
  
  
  
  
• Computer asks the user if they want to modify the rom (recommends to select "no")
  
  
  
  
• If yes, computer opens up into a basic shell where the user is asked to select a disk drive containing the new rom
  
  
  
  
• Computer then resumes running by going through the OS's security checks (OS handles sandboxing, etc).
  
  
  
  
• User now has a secure computer.

I don't see how this could be misused and hope that it gets implemented.

Edited by Ajt86, 12 January 2016 - 02:51 PM.

[Anavrins]

Preventing disk autorun doesn't need any change to the bios and can be easily done with a resource pack that modifies the /rom/startup.
I personally think having the opportunity to load an arbitrary bios would cause a lot of instability.

[Creator]

The bios controls things like protecting the metatables of the string API. It also defines the function print. I am not sure you want to mess with that.

[Ajt86]

Ah, well at least a way of modifying all rom files (except bios.lua) then.

[Anavrins]

Ajt86, on 11 January 2016 - 07:07 PM, said:

Ah, well at least a way of modifying all rom files (except bios.lua) then.

In that case, it is already possible.
http://www.computerc...resource-packs/

[Ajt86]

Unfortunately, that doesn't allow the individual modification of each computer's rom.

[Anavrins]

Still, adding arbitrary rom stuff is not recommended, though you'd be happy to know that the latest beta of CC allows for disabling startup script on a per-computer basis. http://www.computerc...ta-information/

Edited by Anavrins, 13 January 2016 - 02:43 AM.

[SquidDev]

There was a similar discussion a while back which discussed a similar problem, and highlights some issues. However you might want to look at the latest beta which has an option to disable booting from disks, which solves most problems.