Closed TrainDoctor closed 2 years ago
OdinVex
commented
2 years ago I'm concerned this could allow malware to hide more easily. A list of installed Plugins would really be in the best interest of users, whether they have options or not. No plugin should be able to modify PluginLoader or the UI in maintaining Plugins, or a malicious plugin could take over things.
WerWolv
commented
2 years ago I'm concerned this could allow malware to hide more easily. A list of installed Plugins would really be in the best interest of users, whether they have options or not. No plugin should be able to modify PluginLoader or the UI in maintaining Plugins, or a malicious plugin could take over things.
This isn't really an issue. As soon as you install absolutely anything on your Steam Deck, you're opening yourself up for this kind of attacks. Applications don't need to go through Decky to inject things into Steam, they can simply use the same method we are using and inject code that way.
AAGaming00
commented
2 years ago This is supported already, but a dialog box letting the user know when installing one would be nice.
OdinVex
commented
2 years ago I'm concerned this could allow malware to hide more easily. A list of installed Plugins would really be in the best interest of users, whether they have options or not. No plugin should be able to modify PluginLoader or the UI in maintaining Plugins, or a malicious plugin could take over things.
This isn't really an issue. As soon as you install absolutely anything on your Steam Deck, you're opening yourself up for this kind of attacks. Applications don't need to go through Decky to inject things into Steam, they can simply use the same method we are using and inject code that way.
I believe you underestimate the situation, but it is your project. I'll just clone what I want out of it and harden it myself for personal&friends use, then. Nice project otherwise.
TrainDoctor
commented
2 years ago I'm concerned this could allow malware to hide more easily. A list of installed Plugins would really be in the best interest of users, whether they have options or not. No plugin should be able to modify PluginLoader or the UI in maintaining Plugins, or a malicious plugin could take over things.
This isn't really an issue. As soon as you install absolutely anything on your Steam Deck, you're opening yourself up for this kind of attacks. Applications don't need to go through Decky to inject things into Steam, they can simply use the same method we are using and inject code that way.
I believe you underestimate the situation, but it is your project. I'll just clone what I want out of it and harden it myself for personal&friends use, then. Nice project otherwise.
The Deck is a PC at heart and users can get access to any part of it just like it was a normal linux desktop PC if they wanted to. We're also an entirely volunteer project and have to chose our scope wisely. Alongside these pieces of information I'd just like to state: if users install plugins that we do not provide to them with our seal of approval from the Decky Store, then we do not assume any liability for those actions. I'd love to see what changes you make and if we can integrate them alongside our CI/CD, PRs appreciated. Cheers.
OdinVex
commented
2 years ago I'm concerned this could allow malware to hide more easily. A list of installed Plugins would really be in the best interest of users, whether they have options or not. No plugin should be able to modify PluginLoader or the UI in maintaining Plugins, or a malicious plugin could take over things.
This isn't really an issue. As soon as you install absolutely anything on your Steam Deck, you're opening yourself up for this kind of attacks. Applications don't need to go through Decky to inject things into Steam, they can simply use the same method we are using and inject code that way.
I believe you underestimate the situation, but it is your project. I'll just clone what I want out of it and harden it myself for personal&friends use, then. Nice project otherwise.
The Deck is a PC at heart and users can get access to any part of it just like it was a normal linux desktop PC if they wanted to. We're also an entirely volunteer project and have to chose our scope wisely. Alongside these pieces of information I'd just like to state: if users install plugins that we do not provide to them with our seal of approval from the Decky Store, then we do not assume any liability for those actions. I'd love to see what changes you make and if we can integrate them alongside our CI/CD, PRs appreciated. Cheers.
As an OS dev myself, I'm more than aware of what the SteamDeck is. I already know the risks, I wish to simply at least attempt to mitigate some.
AAGaming00
commented
2 years ago A list of installed Plugins would really be in the best interest of users
This exists in settings
No plugin should be able to modify PluginLoader or the UI in maintaining Plugins, or a malicious plugin could take over things.
Preventing UI tampering is next to impossible due to the nature of JS.
Non-root plugins already cannot modify the PluginLoader as the directory is owned by root.
OdinVex
commented
2 years ago A list of installed Plugins would really be in the best interest of users
This exists in settings
No plugin should be able to modify PluginLoader or the UI in maintaining Plugins, or a malicious plugin could take over things.
Preventing UI tampering is next to impossible due to the nature of JS.
Non-root plugins already cannot modify the PluginLoader as the directory is owned by root.
My stock plus-Decky has deck permissions, though set to read-only. As for JS...just don't use JS for plugins, create a small API and sandbox. Beyond the scope desired by Decky, I'm guessing...
TrainDoctor
commented
2 years ago A list of installed Plugins would really be in the best interest of users
This exists in settings
No plugin should be able to modify PluginLoader or the UI in maintaining Plugins, or a malicious plugin could take over things.
Preventing UI tampering is next to impossible due to the nature of JS. Non-root plugins already cannot modify the PluginLoader as the directory is owned by root.
My stock plus-Decky has
deckpermissions, though set to read-only. As for JS...just don't use JS for plugins, create a small API and sandbox. Beyond the scope desired by Decky, I'm guessing...
Using JS and React is fundamental to maintaining UI consistency with the Steam Deck because the Steam Deck's UI is made in react, and in turn JavaScript. Your goal is not achievable as this isn't a console platform with locked down hardware and or software. This is a glorified PC with custom firmware and hardware running a derivative of Arch Linux. If you want to provide more feedback related to your sandboxing/security concerns feel free to start a different issue. I'd like to keep this issue on-topic.
OdinVex
commented
2 years ago A list of installed Plugins would really be in the best interest of users
This exists in settings
No plugin should be able to modify PluginLoader or the UI in maintaining Plugins, or a malicious plugin could take over things.
Preventing UI tampering is next to impossible due to the nature of JS. Non-root plugins already cannot modify the PluginLoader as the directory is owned by root.
My stock plus-Decky has
deckpermissions, though set to read-only. As for JS...just don't use JS for plugins, create a small API and sandbox. Beyond the scope desired by Decky, I'm guessing...Using JS and React is fundamental to maintaining UI consistency with the Steam Deck because the Steam Deck's UI is made in react, and in turn JavaScript. Your goal is not achievable as this isn't a console platform with locked down hardware and or software. This is a glorified PC with custom firmware and hardware running a derivative of Arch Linux. If you want to provide more feedback related to your sandboxing/security concerns feel free to start a different issue. I'd like to keep this issue on-topic.
More than aware, I've done OS development from x86 to embedded ARM. It is achievable, it just isn't what Decky is looking to do. Digressing.
WerWolv
commented
2 years ago A list of installed Plugins would really be in the best interest of users
This exists in settings
No plugin should be able to modify PluginLoader or the UI in maintaining Plugins, or a malicious plugin could take over things.
Preventing UI tampering is next to impossible due to the nature of JS. Non-root plugins already cannot modify the PluginLoader as the directory is owned by root.
My stock plus-Decky has
deckpermissions, though set to read-only. As for JS...just don't use JS for plugins, create a small API and sandbox. Beyond the scope desired by Decky, I'm guessing...Using JS and React is fundamental to maintaining UI consistency with the Steam Deck because the Steam Deck's UI is made in react, and in turn JavaScript. Your goal is not achievable as this isn't a console platform with locked down hardware and or software. This is a glorified PC with custom firmware and hardware running a derivative of Arch Linux. If you want to provide more feedback related to your sandboxing/security concerns feel free to start a different issue. I'd like to keep this issue on-topic.
More than aware, I've done OS development from x86 to embedded ARM. It is achievable, it just isn't what Decky is looking to do. Digressing.
Please, if you know so much about OS development, actually share your ideas with us in how this should be implemented. As of right now all you're doing is bragging and complaining without providing any useful input. I'm more than happy to review a PR of you implementing a more secure system or talk to you on Discord about this if you're actually willing to participate in a meaningful way.
I'm going to lock this issue for now as it has gotten far from on-topic.
AAGaming00
commented
2 years ago This was implemented a while ago.
For plugins which provide extra functionality to other plugins or just run in the background with no aim to expose any UI to a user.