Compiled scripts?
by Jon C · in Torque Game Engine · 09/10/2005 (1:44 am) · 17 replies
I may be missing something here, but when looking through TGE's directories, I have yet to find any indication of a script compiler...
Is there such a thing? To turn .cs into something no one can read or use?
Is there such a thing? To turn .cs into something no one can read or use?
#2
If you mean where in the TGE source the compilation is taking place, I believe it's in engine/console/console.cc, but I could be wrong.
09/10/2005 (1:51 am)
If you're talking about a specific program, there is none. The TGE EXE takes care of compilation.If you mean where in the TGE source the compilation is taking place, I believe it's in engine/console/console.cc, but I could be wrong.
#3
And these .dso are encrypted enough that its pretty difficult to unencrypt?
09/10/2005 (1:51 am)
Okay thank you; didn't realize that.And these .dso are encrypted enough that its pretty difficult to unencrypt?
#4
09/11/2005 (3:50 pm)
They aren't encrypted, they are simply in byte-code compiled form. While the EULA doesn't require any more than that, you may want to look into adding in encryption (both write and read) if you need more security for your project.
#5
09/11/2005 (7:01 pm)
"To turn .cs into something no one can read or use?" - If you want that, you could just delete the file... But the goal is to make it into something that people can load and run quickly, which the exec() and compile() script calls do nicely.
#6
09/11/2005 (7:10 pm)
What I mean is, I don't want people taking my hard work, decompiling it, then using it for something else without my permission.
#7
There is no way to acheive this. DSO is plenty big enough of a barrier for most people, and the really determined ones aren't going to be stopped by anything up to and including dedicated security hardware. (Look at how the XBox security was bypassed, or how secure military systems are secured not by firewalls, but by simply unplugging them from the internet/other external data sources.)
To restate: if you're trying to stop casual modification, putting it into DSO or compiling your C++ code to binary is enough. If you're worried about real, serious hackers, your only recourse is to not give them the code at all - because if the CPU can see the bytecode instructions to run your game, so can they.
09/12/2005 (2:46 am)
This has been discussed many, many, many times before on these forums.There is no way to acheive this. DSO is plenty big enough of a barrier for most people, and the really determined ones aren't going to be stopped by anything up to and including dedicated security hardware. (Look at how the XBox security was bypassed, or how secure military systems are secured not by firewalls, but by simply unplugging them from the internet/other external data sources.)
To restate: if you're trying to stop casual modification, putting it into DSO or compiling your C++ code to binary is enough. If you're worried about real, serious hackers, your only recourse is to not give them the code at all - because if the CPU can see the bytecode instructions to run your game, so can they.
#8
Thanks for the answer :)
09/12/2005 (2:49 am)
Well of course, if someone is determined enough they can, but I just wanted to make sure there wasn't some, somewhat well known decompiler out there that any Joe Schmoe could use.Thanks for the answer :)
#9
09/12/2005 (4:33 am)
Don't think there is anything handy; if you're worried changing the read/write code for DSOs a bit will befuddle it nicely.
#10
How do you get rid of the editor (World editor, gui editor, etc.)? Is there a separate version to build?
Also, can TSE run as a dedicated server without showing any graphical aspect?
09/15/2005 (1:18 am)
Whoops I almost forgot the main reason I really posted:How do you get rid of the editor (World editor, gui editor, etc.)? Is there a separate version to build?
Also, can TSE run as a dedicated server without showing any graphical aspect?
#11
to the editors.
If you disable the console and remove the editor binds, you should be fine, even with the contents of the entire "common" folder. But yanking that stuff would be safer.
There is one small chink in the armor however. There's a file called "main.cs" that has to be a .cs (plain ol readable script). It's possible that someone could include code there to do all manner of uncouth things... though I'm not well-versed enough as yet to know what exactly one could do there.
09/15/2005 (10:13 am)
All those editors are in the "common" folder. They're also called out specifically in the action map, binding FIf you disable the console and remove the editor binds, you should be fine, even with the contents of the entire "common" folder. But yanking that stuff would be safer.
There is one small chink in the armor however. There's a file called "main.cs" that has to be a .cs (plain ol readable
#12
09/15/2005 (12:18 pm)
It's easy enough to scramble DSO's, but anything will be broken eventually.
#13
Also: Does anyone have an answer for my dedicated server question? :(
09/16/2005 (6:19 am)
Why does main.cs have to remain a .cs?Also: Does anyone have an answer for my dedicated server question? :(
#14
I'm not sure this resource is available to you, if you don't have a TGE license, but it shows you how to embed the main.cs file in game.cc. So you basically hardcode it. That's one way of getting rid of it.
--
Hans
09/16/2005 (6:46 am)
@SykoiiI'm not sure this resource is available to you, if you don't have a TGE license, but it shows you how to embed the main.cs file in game.cc. So you basically hardcode it. That's one way of getting rid of it.
--
Hans
#15
Because ResManager doesn't have access to the root, and I'm not even sure it has been initialised in that part of the code yet. That's why you open it normally and execute the script within it rather than reading the compiled byte-code, which it won't understand.
09/16/2005 (8:22 am)
Sykoii,Because ResManager doesn't have access to the root, and I'm not even sure it has been initialised in that part of the code yet. That's why you open it normally and execute the script within it rather than reading the compiled byte-code, which it won't understand.
#16
There is a resource called Cryptainer that's awesome for encrypting your resources, but you still wind up with a DSO cache on the user's hard drive. I wouldn't suggest trying to encrypting them since the cache is there for a reason, but it's already quite obfuscated. A nice simple little trick is to swap around some of the byte code values like Ben suggested. Those two steps will deter all but the most dedicated hacker.
09/16/2005 (9:16 am)
As far as TSE running as a dedicated server, yes, it's possible, and it's even possible to strip out all of the D3D stuff to get it to run as a dedicated Linux server. Once you get started it's actually quite a brain-dead task. Just stop linking the D3D libraries and follow the compiler / linker error bread crumbs. Just remember when I say "it's possible," I'm speaking from a C++ coder's standpoint... it does take quite a bit of C++ / Torque engine knowledge to make it happen.There is a resource called Cryptainer that's awesome for encrypting your resources, but you still wind up with a DSO cache on the user's hard drive. I wouldn't suggest trying to encrypting them since the cache is there for a reason, but it's already quite obfuscated. A nice simple little trick is to swap around some of the byte code values like Ben suggested. Those two steps will deter all but the most dedicated hacker.
#17
09/17/2005 (8:27 pm)
In 1.4 and higher, all the editors are in a seperate creator mod. Remove the mod, no more editors. 
Torque Owner Vernon Finch