NorthstarLauncher

Restrict filesystem calls of basegame to Titanfall2 directory

Open GeckoEidechse opened this issue 4 years ago • 1 comments

Intro

In order to reduce the damage any undetected exploit can do, we should try to intercept filesystem calls of the Titanfall2 install and ensure that they are within the Titanfall2\ directory.

This way any damage done by an exploit would be limited to within the Titanfall2 directory, which both reduces the amount of damage it could do to the system as well as reducing the amount of information it could leak from the user's system, as the game install folder typically contains very little private information.

Testing:

In order to test whether such an implementation was successful, place a known working .bik menu video a folder above Titanfall2\, so that it looks as follows:

.
├───other-Steam/Origin-games
├───some-menu-video.bik
└───Titanfall2

Then launch Northstar and from the main menu inside the console run

script_ui DisableBackgroundMovie(); script_ui PlayVideo("../../../bik-filename-without-the-dot-bik", 0, 0, 0, 0, false)

If the video plays, the game can still read files outside the install folder, meaning the implemented hook was not successful.

Possible issues:

  • Naturally the game reads a lot of files to load assets etc. so any hook needs to be very performant.
  • There are some files located outside of Titanfall2\, like Documents\Respawn\Titanfall2\local\settings.cfg, that the game still needs to be able to access.

Additional:

If there's anything sensitive in the Titanfall2 directory by default we should also restrict access to that part. (Anything Origin related in there that contains sensitive stuff like authentication tokens etc.?)

GeckoEidechse, Mar 26 '22 20:03

well, if we limit to the Titanfall2 game install folder and Documents/Respawn/Titanfall2 we should be good for any intended file access

barnabwhy, Mar 29 '22 06:03
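
The containment check that such a hook would need, covering both the install folder from the issue and the Documents folder named in the comment, as an added example that is not NorthstarLauncher code. The function names, the POSIX-style sample paths and the r2/media base directory are assumptions made for illustration.

```cpp
// Added example, not NorthstarLauncher code. POSIX-style paths and the
// r2/media base directory are constructed for illustration.
#include <algorithm>
#include <filesystem>
#include <iostream>
#include <string>
#include <vector>

namespace fs = std::filesystem;

// Normalise lexically (collapse "." and "..") and drop a trailing separator.
// Limitation: no disk access, so symlinks/junctions are not resolved and the
// comparison is case-sensitive; a real hook on Windows must handle both.
static fs::path Normalise(const fs::path& p)
{
    fs::path n = p.lexically_normal();
    return n.has_filename() ? n : n.parent_path();
}

// True if candidate equals root or lies below it. Comparing whole components
// avoids the prefix mistake of letting "Titanfall2-backup" match "Titanfall2".
static bool IsWithin(const fs::path& root, const fs::path& candidate)
{
    auto m = std::mismatch(root.begin(), root.end(), candidate.begin(), candidate.end());
    return m.first == root.end();
}

// baseDir: absolute directory that relative requests are opened from.
// allowedRoots: absolute directories the game is allowed to touch.
bool IsPathAllowed(const fs::path& baseDir, const std::string& requested,
                   const std::vector<fs::path>& allowedRoots)
{
    // operator/ keeps an absolute request as-is, so it is checked like any other.
    const fs::path resolved = Normalise(baseDir / fs::path(requested));
    for (const fs::path& root : allowedRoots)
        if (IsWithin(Normalise(root), resolved))
            return true;
    return false;
}

int main()
{
    const std::vector<fs::path> roots = {"/games/Titanfall2", "/home/user/Documents/Respawn/Titanfall2"};
    const fs::path base = "/games/Titanfall2/r2/media";
    std::cout << IsPathAllowed(base, "../../../some-menu-video.bik", roots) << '\n';
    std::cout << IsPathAllowed(base, "intro.bik", roots) << '\n';
}
```

Because the check is purely lexical it costs no disk access per call, which fits the performance concern raised in the issue, but it has to run on the final path the game is about to open.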