RHfront 0 Posted October 9, 2019 cfgRemoteExec provides a filter which blocks clients from using commands and functions in a destructive manner. However, I can't help but draw the conclusion that there seem to be some security loopholes. Through cfgRemoteExec I can block players from applying commands via remoteExec, but if I whitelist the commands, can they use remoteExec? What exactly does "target" mean when it says "target everyone/clients only/server only? I don't really want the client targeting anyone at all. Example: Lets say I have the server [_unit] remoteExec ["setDammage ", etc. ...]. Supposedly the server has authority to apply this change... but not so fast. The server cannot apply this change unless remoteExec has been whitelisted for clients to use. So now the client is able to apply remoteExec to other clients? Rephrased example: I have a custom command that allows clients to ask the server to change things for them like, "Do <some action that is restricted> for me, please?" This command targets the server. So the client can order the server around in a controlled environment, so to speak. So the server says, "Sure! <restricted command via remoteexec>. Have fun. ❤️", but... but since I had to (whitelist -- target clients) the restricted action for the client to use it, is that client now able to use that remoteExec on other clients? Share this post Link to post Share on other sites
Dedmen 2596 Posted October 9, 2019 8 hours ago, RHfront said: I have a custom command I assume you mean script function? As custom command is operating on a whole different level. 8 hours ago, RHfront said: is that client now able to use that remoteExec on other clients? Not if that script function is only ever defined on the server. Can't execute something on the client if it doesn't exist on the client, 8 hours ago, RHfront said: What exactly does "target" mean when it says "target everyone/clients only/server only? I don't really want the client targeting anyone at all. Well. The target of the remoteExec command. 8 hours ago, RHfront said: So now the client is able to apply remoteExec to other clients? No. Read what you wrote yourself 8 hours ago, RHfront said: What exactly does "target" mean when it says "target everyone/clients only/server only? If you set it to server only, then clients can't execute it on other clients. but only on the server. Share this post Link to post Share on other sites
RHfront 0 Posted October 9, 2019 @Dedmen Thanks for your help. Quote I assume you mean script function? As custom command is operating on a whole different level. It is indeed a script function. After whitelisting sideChat (which was required if I wanted the server to instruct a client to receive a sidechat [another test was moveInCargo]), I ran this test where the server remoteExecs an addAction which has a client sideChat itself via remoteExec. _action = ["gib sideChat", { params ["_target", "_caller", "_actionId", "_arguments"]; [_caller, "remote sideChatted myself!"] remoteExec ["sideChat", owner _caller]; }]; [_unit, _action] remoteExec ["addAction", owner _unit]; Targeting tests in cfgRemoteExec: If the command targeted clients, then addAction sidechat worked. If the command targeted the server, then sidechat would not work. I also had a [_unit, "sideChat test"] remoteExec ["sideChat", owner _unit] sent from the server to the client. The same results followed depending on the target set in cfgRemoteExec. This appears to me that if I want to apply commands to clients from the server, I have to whitelist the command, which then allows clients to remoteExec the hell out of it. How would I safeguard against that? Share this post Link to post Share on other sites
Dedmen 2596 Posted October 9, 2019 54 minutes ago, RHfront said: This appears to me that if I want to apply commands to clients from the server, I have to whitelist the command, which then allows clients to remoteExec the hell out of it. How would I safeguard against that? You miiight not have to run the same config on the server as on the client. Just have a seperate servermod pbo on the server, with a CfgRemoteExec which allows the server to do everything. Ideally for proper security you would just blacklist EVERYTHING. And make custom script functions for the stuff you need to execute, and only whitelist these. And then you can add protection into the script function to make sure it's only allowed to be executed if it came from the server: https://community.bistudio.com/wiki/remoteExecutedOwner 1 Share this post Link to post Share on other sites
fn_Quiksilver 1633 Posted October 10, 2019 - CfgRemoteExec handles only "from client" executions. - Best bet is to whitelist only non-destructive commands, the ones that aren't normally used in cheat scripts. Or better yet, dont whitelist any. https://github.com/auQuiksilver/Apex-Framework/blob/master/Apex_framework.terrain/description.ext#L178-L208 - Instead, create your own script function with which you have more control over the execution, like logging and context-based sanity checks. https://github.com/auQuiksilver/Apex-Framework/blob/master/Apex_framework.terrain/code/functions/fn_remoteExecCmd.sqf Heres an example of filtered vs unfiltered // Unfiltered [_vehicle,1] remoteExec ['setVehicleAmmo',_vehicle]; // Remote Exec script function QS_fnc_remoteExecCmd = { params ['_type','_1','_2']; if (_type isEqualTo 'setVehicleAmmo') exitWith { if (player is in the vehicle service area) then { _1 setVehicleAmmo _2; }; }; }; // Filtered with sanity checks (in the above function) ['setVehicleAmmo',_vehicle,1] remoteExec ['QS_fnc_remoteExecCmd',_vehicle]; If a cheater wanted to remote-exec "setvehicleammo" then, they would have to use the script function, which would only allow the setvehicleammo if the player is in the service/rearm area. If you're looking at security improvements, dont overlook this one: https://community.bistudio.com/wiki/Arma_3_CfgDisabledCommands 1 Share this post Link to post Share on other sites
