corp-0
commented
1 month ago is there no way to add the new package as a dependency instead of directly adding the code to our codebase?
Closed Bod9001 closed 1 month ago
corp-0
commented
1 month ago is there no way to add the new package as a dependency instead of directly adding the code to our codebase?
corp-0
commented
1 month ago so I imagine this chat isn't spatial, right? It is all global
Bod9001
commented
1 month ago it's spatial
Bod9001
commented
1 month ago only thing that looks fiddly for code scan
Sandbox violation: Access to type not allowed: [UnityEngine.AudioModule]UnityEngine.Microphone in Assembly Adrenak.UniMic.Runtimehow should we handle microphone access with secure stuff?
man This is stupid, who thought this was a good idea to add to c# xD
Sandbox violation: Access to type not allowed: [mscorlib]System.Runtime.Serialization.Formatters.Binary.BinaryFormatter in Assembly Assets
BinaryFormatter classes implement the IRemotingFormatter interface to support remote procedure calls (RPCs),
"The BinaryFormatter type is dangerous and is not recommended for data processing. Applications should stop using BinaryFormatter as soon as possible, even if they believe the data they're processing to be trustworthy. BinaryFormatter is insecure and can't be made secure."Guess I'll have to swap it out for mirrors custom reader writers,
MaxIsJoe
commented
1 month ago we already let our selves access things like the clipboard, I don't see why we should start worrying about microphone access. though in the future, it would be nice if we can tell players on stationhub that a fork has the ability to access stuff like your microphone
If we really want to make this extra secure, simply do the same thing we do for safeurl but for microphones, and explicitly only allow audio listening when it is allowed by the user.
Bod9001
commented
1 month ago yeah, I'm just wondering what people's thought on microphone access
Changelog:
CL: [New] Oddly the assistantes seem more noisy then normal