oh-my-git
Explain or remove need for incoming network connections
When starting the Mac app, I am asked to allow incoming connections, but I can't find any explanation for this. Disallowing them does not seem to affect the working of the game.
Could you explain or remove the (apparent) need for incoming network connections?
Thanks for writing in! :) The reason is a hack we use to have an in-game editor open when you run git commit or git rebase -i: we set the core.editor setting to fake-editor, a Perl script we provide that connects to a port opened by the game to signify "hey, the user wants to open a file!". That's why both Mac and Windows notify the user of network activity. Kind of silly, but the best approach we found. If someone has a better idea, let us know!
I guess disallowing it doesn't hurt in this case, because all network activity stays on your own computer? In any case, we could explain this property for sure, at least on the download page, or even when running the game for the first time!
Ah, that explains. Thanks for the quick response!
I'm very new to Godot and game development – I only watched the FOSDEM presentation – so I am not sure whether there's a better way. Opening a network port with a custom protocol sounds like something to be careful with.
Digging around the code and Godot documentation, it looks like https://github.com/git-learning-game/oh-my-git/blob/3a4286965393b6edde814dc3afe55f353ed78a24/scenes/main.gd#L23 starts a server that listens on all network addresses. That probably triggers the firewall notices. If there is no other way to set up inter-process communication, I wonder if it helps to make sure to only listen on localhost?
Although I'm no security expert, without carefully checking each connection and message, the game and/or fake-editor could still be vulnerable to network attacks. Such attacks would have to come from the host itself, but that doesn't mean you have to actively run something to be vulnerable. I'm reminded of the stories about websites sniffing local open ports using JavaScript to determine if a VNC server is running – websites could similarly try to see if I'm playing the game and perhaps interfere.
Summing up, I would like to see if there are other ways to facilitate the communication, but I wouldn't know where to start. Having the server listen on localhost only should make it more secure (and hopefully stop 'scaring' users), but I feel it's not a replacement for actual secure communication.
Hopefully someone with more Godot experience can help the project!
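The two measures raised in this thread, binding the listener to loopback only and checking each message, can be sketched as follows. This is an added example, not part of the thread and not oh-my-git's code (the game is written in GDScript and its helper in Perl); the function names, the `<token> <path>` line format and the idea of handing the token to the helper (for instance through an environment variable) are assumptions.

```python
import hmac
import secrets
import socket
import threading


def start_editor_listener(on_open, host="127.0.0.1"):
    """Listen on loopback only; returns (port, token, listening socket)."""
    token = secrets.token_hex(16).encode()  # per-run shared secret
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind((host, 0))  # 127.0.0.1, not 0.0.0.0; port 0 = OS picks a free one
    srv.listen(4)
    port = srv.getsockname()[1]

    def serve():
        while True:
            try:
                conn, _ = srv.accept()
            except OSError:
                return  # listener was closed
            with conn:
                conn.settimeout(2)  # do not let a silent client block the loop
                try:
                    line = conn.makefile("rb").readline(4096)
                    sent, _, path = line.rstrip(b"\r\n").partition(b" ")
                    # Constant-time compare; any local process (or a browser
                    # probing localhost) without the token is refused.
                    ok = hmac.compare_digest(sent, token) and bool(path)
                    if ok:
                        on_open(path.decode("utf-8", "replace"))
                    conn.sendall(b"ok\n" if ok else b"denied\n")
                except OSError:
                    pass  # slow or broken client: drop the connection

    threading.Thread(target=serve, daemon=True).start()
    return port, token, srv


def request_open(port, token, path):
    """Helper side: send '<token> <path>' and return the listener's reply."""
    with socket.create_connection(("127.0.0.1", port), timeout=2) as c:
        c.sendall(token + b" " + path.encode() + b"\n")
        return c.makefile("rb").readline().strip().decode()
```

Binding to 127.0.0.1 keeps other machines out, while the token is what separates the helper from every other local client that can reach the port.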