| Time |
Nick |
Message |
| 00:03 |
|
wasm1234 joined #minetest-dev |
| 00:03 |
wasm1234 |
I'd trust a WASM runtime (which is at least somewhat "battle tested" and actively maintained) on my computer much more than whatever sandbox the MT devs cook up |
| 00:05 |
MTDiscord |
<luatic> for one the very first layer of defense already lies within the lua implementation - and luajit is not that terrible (and i suppose we, or you, could swap it out for a potentially safer implementation if you like to). |
| 00:05 |
MTDiscord |
<luatic> lua is in fact rather established for sandboxing. |
| 00:08 |
MTDiscord |
<luatic> for two there is a major point to be made that we have already committed to lua. we won't "just" switch to wasm. |
| 00:08 |
MTDiscord |
<luatic> (for SSCSM) |
| 00:08 |
MTDiscord |
<warr1024> If the thing you don't trust about Luanti devs is their choice of sandboxing system, then if they'd have chosen the same one you did, that'd just mean you don't trust your own choice anymore either 😏 |
| 00:11 |
MTDiscord |
<luatic> for three, we seem to be settling on process isolation of SSCSM, and given that, there is not terribly much WASM would add in terms of security. the protocol at that point is strictly message passing anyways. even a complete interpreter takeover doesn't buy you much. |
| 00:12 |
MTDiscord |
<luatic> and related to that, fourth, this is probably far from the "security bottleneck" anyways. |
| 00:12 |
MTDiscord |
<luatic> my stance on this is a clear rejection. |
| 00:13 |
MTDiscord |
<luatic> SSCSM will use lua. |
| 00:14 |
MTDiscord |
<luatic> maybe there can be WASM APIs in the far future, but that is more of a feature request in terms of being able to access different languages and different (better) performance characteristics. |
| 00:15 |
MTDiscord |
<luatic> for that, see #12836 |
| 00:15 |
ShadowBot |
https://github.com/minetest/minetest/issues/12836 -- Reconsider adding a WebAssembly (WASM) API |
| 00:38 |
|
wasm1234 joined #minetest-dev |
| 00:38 |
wasm1234 |
lua *inside* wasm, not wasm instead of lua |
| 00:42 |
MTDiscord |
<luatic> i don't see that increasing security substantially either. i do see that increasing overhead. |
| 05:00 |
|
MTDiscord joined #minetest-dev |
| 06:01 |
|
SFENCE_arch joined #minetest-dev |
| 08:01 |
|
tibtoblezob joined #minetest-dev |
| 09:06 |
|
Pexin joined #minetest-dev |
| 09:24 |
sfan5 |
well it would allow you to drop the complicated and OS-specific process isolation if you put your trust in the wasm runtime |
| 09:28 |
sfan5 |
merging #15711, #15709 soon |
| 09:28 |
ShadowBot |
https://github.com/minetest/minetest/issues/15711 -- filesys: replace goto by #else to omit compile warning by stefanbeller |
| 09:28 |
ShadowBot |
https://github.com/minetest/minetest/issues/15709 -- Fix shadow flicker on camera offset update by sfan5 |
| 09:43 |
|
hwpplayer1 joined #minetest-dev |
| 10:40 |
|
SFENCE joined #minetest-dev |
| 11:24 |
|
SFENCE joined #minetest-dev |
| 13:45 |
|
SFENCE joined #minetest-dev |
| 14:26 |
|
SFENCE joined #minetest-dev |
| 15:07 |
|
tibtoblezob joined #minetest-dev |
| 18:56 |
|
hwpplayer1 joined #minetest-dev |
| 20:52 |
|
tibtoblezob joined #minetest-dev |
| 21:01 |
|
SFENCE joined #minetest-dev |
| 21:47 |
|
SFENCE joined #minetest-dev |
| 23:19 |
sfan5 |
#15408: do we think we can review this enough to get it into 5.11? |
| 23:20 |
ShadowBot |
https://github.com/minetest/minetest/issues/15408 -- Collision: more accurate computation with acceleration and long dtime by kno10 |
| 23:33 |
|
panwolfram joined #minetest-dev |
