While I'm an experienced security professional and sw engineer, as well as a player of Minecraft, I know only a little about mod creation and usage. My son is an avid player and mod user. We have been discussing what possible attacks might be introduced into a client mod in order to compromise a platform. Obviously, I'm concerned about this possibility. As I understand it, compiled mods live as jar files, and can include java code. Assuming that's the case, what restrictions are in place to ensure that malicious java that executes on a host through a mod cannot be deployed and executed. For example, what prevents an attacker from injecting code that performs privileged operations on the host such as file i/o, unauthorized network i/o, harvesting privacy sensitive info and sending it to a remote host, etc. I understand that Java runs within a jvm instance, but there are plenty of ways to execute the kind of ops I describe, unless explicitly restricted through use of a custom SecurityManager or other mechanisms.
I've searched for info on this topic, and so far haven't found any details. Most of what I find is about client and server exploits that either introduce cheats, or in the worst case, steal user credentials. I could go ahead and just create my own client mod to gain a better understanding of what is and isn't possible, but would like to avoid that work if I can.
Any good references or answers?
Dave
Rollback Post to RevisionRollBack
To post a comment, please login or register a new account.
Good Day,
While I'm an experienced security professional and sw engineer, as well as a player of Minecraft, I know only a little about mod creation and usage. My son is an avid player and mod user. We have been discussing what possible attacks might be introduced into a client mod in order to compromise a platform. Obviously, I'm concerned about this possibility. As I understand it, compiled mods live as jar files, and can include java code. Assuming that's the case, what restrictions are in place to ensure that malicious java that executes on a host through a mod cannot be deployed and executed. For example, what prevents an attacker from injecting code that performs privileged operations on the host such as file i/o, unauthorized network i/o, harvesting privacy sensitive info and sending it to a remote host, etc. I understand that Java runs within a jvm instance, but there are plenty of ways to execute the kind of ops I describe, unless explicitly restricted through use of a custom SecurityManager or other mechanisms.
I've searched for info on this topic, and so far haven't found any details. Most of what I find is about client and server exploits that either introduce cheats, or in the worst case, steal user credentials. I could go ahead and just create my own client mod to gain a better understanding of what is and isn't possible, but would like to avoid that work if I can.
Any good references or answers?
Dave