1. These forums are still being retired! Please use GitHub discussions or Discord. You cannot create new threads or new accounts now. If you need to contact some user of the forums, you should do it sooner, rather than later. This notice was last updated on May 30th, 2021.

Tool submission & OSS development

Discussion in 'General Discussion' started by nicatronTg, Feb 28, 2015.


Do we allow plugins to be released without source?

Poll closed Mar 7, 2015.
  1. Yes (allow all plugins and tools to be released closed source)

    2 vote(s)
    11.8%
  2. Yes (only tools that are not loaded by TShock, not plugins)

    10 vote(s)
    58.8%
  3. No (require source for all submissions)

    5 vote(s)
    29.4%
  1. nicatronTg

    nicatronTg Shank / hakusaro
    TShock Founder TShock Admin

    Joined:
    Jul 21, 2011
    Messages:
    723
    Since we've added Resource Manager, we now have the capability of hosting not only TShock addons, but tools made by the community as well. We have traditionally allowed for plugins to be posted only with source code, for the following benefits:
    • To encourage community development and contribution.
    • To allow resurrection of plugins from older API versions and to promote them for newer releases of TShock.
    • To encourage security by allowing audits of publicly released code.
    With that being said, however, it is important to note that being open source does not reflect code safety, as it is difficult, if not impossible, for our small team of developers to decompile, verify, and audit all code in all plugins each release or update. Meanwhile, some plugins and tools sit in a risky gray area where no source is provided, but they are not directly TShock plugins (are not loaded by the server on startup) or are obfuscated purposefully to deter cheaters.

    Please provide feedback as to whether or not we should allow closed source plugin and tool releases by voting in this poll and discussing the ramifications.
     
  2. Enerdy

    Enerdy Satellite Admin
    TShock Mod Plugin Developer Zero Day Plugin Author

    Joined:
    Nov 14, 2012
    Messages:
    506
    I selected the second option in the poll, and for the following reasons.

    I believe Plugins should stay open-source reliant, as this allows others to learn from your code and encourages cooperation with github's PRs and Issues. This also prevents, to some extent (as you've said in your post, it's unrealistic to decompile every single binary to confirm that the source code matches), the use of backdoors for malicious intents, as it'd be visible to everyone.

    Tools work on a different paradigm and should be optional whether or not to make them open-source. TShock might be an open-source project, but tools are not loaded by it and thus have no need to comply with its requirements for approval. With that being said, I suggest we separate plugin from tool approval requirements to reflect the differences between both sides, if the second poll option is to be made a reality.
     
    • Agree Agree x 3
  3. nicatronTg

    nicatronTg Shank / hakusaro
    TShock Founder TShock Admin

    Joined:
    Jul 21, 2011
    Messages:
    723
    If the second option is made possible, I will split and publicly clarify the differences. I agree.
     
  4. GrandPa-G

    GrandPa-G Developer of many plugins
    Plugin Developer Zero Day Plugin Author

    Joined:
    Jan 4, 2015
    Messages:
    400
    Since I am in the middle of this, I would like to add my thoughts.

    First, no matter what the outcome, whatever the rule is, I will try to follow.

    Second, to understand my tool, let me explain that the tool consists of two basic parts.

    1. A dll that extends the capabilities of the RestAPI. It is loaded like a plugin but has no direct user (human) access, just a programmatic door to get information in or out of TShock. This is written in C# and hopefully follows the rules on content and also is posted on Github with source. Anyone can view the source and learn or audit what is going on inside the dll. If the functions added by this dll were in the standard RestAPI, then this dll would disappear.

    2. A java program that is the real workhorse of the tool. It is about 10,000 lines of java code now. The tool does not need to run on the TShock server, though there is nothing to prevent it from being used there. The only direct interactions that the tool makes with the TShock server are through the RestAPI or the modified RestAPI I created. There is no other way the tool gets/puts data into the server's dataset or accesses the TShock database except through the APIs. For business reasons, the source to this java tool is considered intellectual property and as such it is not available for anyone to see. This restriction could be modified, but I doubt it will.

    First, what does approval of a plugin even mean? After all, if someone wants to make a plugin and not get it approved here, my understanding is that there really is nothing stopping the developer from advertising it outside the TShock forum and the server administrators using it. To me, approval is just a nice thing to have and hopefully a good place to get exposure for its use. Malicious plugins aren't going to be prevented just because they aren't approved. (If you want to tie an approval process into some type of validation id that TShock requires to load, that is a totally different subject and may need discussion elsewhere if it hasn't already.)

    I appreciate the concern expressed about potential hacking or security breaches of plugins that are not vetted before being approved. Having someone visually look at a few hundred lines of C# code for a plugin is a very different thing from looking at 10,000 lines of java or, as with another web based admin tool, probably an equal number of lines of php or other web scripting language. I doubt anyone in the approval process has the time, and possibly the necessary coding skill, to look at all the variations of coding languages as well as the spaghetti code we seem to see.

    My philosophy has been to make only one entry point through which all tool interactions with the server must go. Thus the limit of potential damage is easily isolated and readily auditable. If the door to the TShock world is very narrow (RestAPI) then malicious actions should be easily identifiable.

    From what I can see, this problem only exists for possibly 5 entries in the Resource folder. Several already supply source code so the issue is moot for them.

    If the decision is that all code must be public, I hope you will give me the courtesy of putting a message on the forum to explain why the tool will be removed.
     
  5. Olink

    Olink Admin note: Actually a really nice person now

    Joined:
    Jul 21, 2011
    Messages:
    1,397
    The following are my thoughts, and not points for discussion, please do not reply with arguments against what I have said as they are my feelings on this topic and you are free to believe what you want.

    The only reason you would ever hide source to an executable application that has access to the OS is because you are doing cheat prevention and don't want to share your secrets, or you have malicious code. There is no other reason not to when Github offers infinite space to upload resources to, and it only takes 30 seconds to make a commit. If users wish to run into the wild and run applications they have no way of trusting, knowing full well how grief-prone the Terraria and gaming communities are, then that is up to them. Personally I feel that even if it isn't a requirement, you are only making yourself look suspicious by not offering your source code.
     
  6. GrandPa-G

    GrandPa-G Developer of many plugins
    Plugin Developer Zero Day Plugin Author

    Joined:
    Jan 4, 2015
    Messages:
    400
    Please remove the Remote Admin Tool from the Resource folder. If anyone wants the tool, they can PM me.
     
    • Dumb Dumb x 1
  7. nicatronTg

    nicatronTg Shank / hakusaro
    TShock Founder TShock Admin

    Joined:
    Jul 21, 2011
    Messages:
    723
    See PM.
     
  8. IcyPhoenix

    TShock Contributor

    Joined:
    Jul 27, 2012
    Messages:
    367
    If it becomes unfavourable or problematic to allow me to publish my hack prevention here, just take it down after the poll closes - I will, as stated on the thread, privately update individuals who want access to it.
     
  9. nicatronTg

    nicatronTg Shank / hakusaro
    TShock Founder TShock Admin

    Joined:
    Jul 21, 2011
    Messages:
    723
    Your plugin is a special case exemption and is not subject to this (I've seen the source and verified what it does).
     
  10. Ijwu

    Ijwu Level 11

    Joined:
    Apr 4, 2012
    Messages:
    644
    While I'm actually inclined to agree with Olink, I voted for the second option. I believe all DLLs, except those special cases, should provide their sources in order to get exposure in this forum's resource manager. While I do think that there really is no reason to hide your source for your tools if you're doing nothing suspicious I understand that developers reserve the right to do whatever they want with their code. I don't demand the source code of all programs which I run on my PC so I think it's probably unfair to do so in the case of third-party tools which interact or affect TShock in some way.
     
    • Like Like x 1
  11. IcyPhoenix

    TShock Contributor

    Joined:
    Jul 27, 2012
    Messages:
    367
    Ahh okay, my apologies didn't realize it was exempt from this.
    There is truth and falsehood to your statement; it's true that we shouldn't hide anything, but the reason I don't publish many of my plugins is because I am required to expose the source of those plugins. Many of my plugins are developed as pay to use, and having the source code kinda renders that redundant somewhat.
     
  12. Ijwu

    Ijwu Level 11

    Joined:
    Apr 4, 2012
    Messages:
    644
    That's why I specifically stated '...in order to get exposure on this forum's resource manager'.

    You're free to not publish here and you're free to be closed source, or to sell your plugins. But we have to look out for the DLLs we distribute here. We're still small enough that it's feasible to avoid hosting malicious plugins if we have access to the source. I'd like to keep our resource manager relatively clean for as long as we can.
     
    • Like Like x 1
  13. nicatronTg

    nicatronTg Shank / hakusaro
    TShock Founder TShock Admin

    Joined:
    Jul 21, 2011
    Messages:
    723
    There's something to be said for if we were to allow semi-closed source plugins (source comes with download) on payment. That's possible.
     
  14. IamUSER

    IamUSER Level 7

    Joined:
    Jul 29, 2013
    Messages:
    184
    Thank you all for your continued devotion to tShock! :D
     
    • Like Like x 1
  15. GrandPa-G

    GrandPa-G Developer of many plugins
    Plugin Developer Zero Day Plugin Author

    Joined:
    Jan 4, 2015
    Messages:
    400
    • User was warned for this post -- take it to a PM doesn't mean take it back out for dramatic effect.
    I apologize for putting the members of this community in a position to spend time on an issue that has not been raised before, and may never occur again.
     
    • Dumb Dumb x 2