#87706 21/06/04 09:22 AM
Plasma (OP)
Pikka bird
Joined: Jun 2004
Posts: 11
With all the mIRC-style viruses and bugs around, why hasn't a safe mode been implemented in the mIRC client?

By safe mode I mean that access to specific scripting functions, such as sockets, reading files, and other forms of commands that could compromise information on your PC and/or your PC itself, should be disabled in the main options menu.

Simply preventing such scripts from working.

This could be further expanded by implementing a 'safe list' of scripts, which you specifically (and unable to do so via scripting itself) set a permissions level for script files... So you can still permit specific scripts you TRUST to have the right to use sockets and file I/O functions, but the virus script which you accidentally load or gets passed on to you gets shut down straight away, as it has no access rights to touch the file operation functions etc.

Thoughts? Comments?

#87707 21/06/04 10:22 AM
Hoopy frood
Joined: Jan 2003
Posts: 3,012
This has already been brought up. A quick search for "sandbox" will resolve some of the following:

Disabling dangerous commands from 'command line'
New LOCK Mechanism
mIRC PHP style 'safe mode'

Among others.


-KingTomato
#87708 21/06/04 12:07 PM
Fjord artisan
Joined: Dec 2002
Posts: 349
I don't think a 'protected' list of safe scripts is really possible. The 'how is the script *being* loaded?' issue has been overlooked. As there are no known bugs in mIRC itself that allow code insertion, a hostile script is either:

1) being /load'ed by the user, or
2) being loaded, or placed in a position to become loaded, by another process on the system, or a script that by this idea would have to be considered 'safe'.

In point 1, the user could be convinced to add the script to the protected list, or if this proves impractical, given directions (such as loading a url) that would lead to point 2, where as a 'trusted' script or an unknown process, the list could be easily modified.

The safe list could also lull users into a false sense of security:

<Jack> that 0mgl33thax0r.ini is a virus!
<Jill> but its in my safe script list. GET A BRAIN MORAN!

(sorry.. :P)

By all means, added security to scripts *is* needed, and *will* stop a lot of worms/viruses in their tracks, but I really think a better approach is needed. (not that I can think of one.. )

(also: with your idea to restrict file I/O, a less 'destructive' idea is to only allow access to files inside the mirc/script directory, most scripts should be able to function normally inside this limitation)

Just my 5 cents <-- as I'm collecting all my one and two cent pieces, they might be worth something one day. :)
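
An added sketch, not part of any post and not mIRC code, of the two ideas raised above: a default-deny permission list that scripts themselves cannot edit, and file I/O confined to the script directory for unlisted scripts. The class, capability names and paths are hypothetical, and it assumes `grant()` is only reachable from the client's options dialog.

```python
import os

# Hypothetical capability names for command groups named in the thread.
FILE_IO, SOCKETS = "file_io", "sockets"

class ScriptPolicy:
    """Default-deny permission table keyed by the script's real path."""

    def __init__(self, script_dir, policy_file):
        self.script_dir = os.path.realpath(script_dir)
        self.policy_file = os.path.realpath(policy_file)
        self._grants = {}  # real script path -> set of capabilities

    def grant(self, script, caps):
        # Assumed to be reachable only from the options dialog, never
        # from a script command.
        self._grants[os.path.realpath(script)] = set(caps)

    def _resolve(self, path):
        # Relative names are taken relative to the script directory;
        # realpath collapses ".." and follows symlinks before any check.
        return os.path.realpath(os.path.join(self.script_dir, path))

    def _inside_script_dir(self, real):
        try:
            common = os.path.commonpath([real, self.script_dir])
        except ValueError:  # e.g. different drives on Windows
            return False
        return common == self.script_dir

    def allowed(self, script, cap, path=None):
        caps = self._grants.get(os.path.realpath(script), set())
        if cap != FILE_IO or path is None:
            return cap in caps
        real = self._resolve(path)
        if real == self.policy_file:
            return False  # no script may touch the permission list
        # Unlisted scripts keep file I/O confined to the script directory.
        return FILE_IO in caps or self._inside_script_dir(real)

if __name__ == "__main__":
    # Constructed sample paths and script names.
    p = ScriptPolicy("/srv/mirc-demo/scripts", "/srv/mirc-demo/perms.ini")
    p.grant("/srv/mirc-demo/scripts/trusted.mrc", {SOCKETS, FILE_IO})
    worm = "/srv/mirc-demo/scripts/0mgl33thax0r.ini"
    for cap, path in [(SOCKETS, None), (FILE_IO, "notes.txt"),
                      (FILE_IO, "../perms.ini"), (FILE_IO, "../scripts-evil/x")]:
        print(cap, path, p.allowed(worm, cap, path))
```

The check only constrains a script that was loaded without being listed; it does nothing about a user who is talked into granting a capability.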

#87709 21/06/04 01:51 PM
Hoopy frood
Joined: Apr 2003
Posts: 701
Don't forget to disable /msg, /notice, /ctcp, /me, /amsg, /ame, /say and /echo in that sandbox, since a lot of those bad scripts use them to send other irc users some //$decode stuff or something.
Maybe also disable goto and /while, it's easy to hang your mIRC that way: /while ($true) { }
Well, since there's not much left to do for scripts on irc without those commands, I guess we can just disable scripting completely in the sandbox :)

So, I go with Skip: find a way to make sure only scripts the user wants are loaded. If the user wants a malicious script, having a sandbox won't help anyways, "this script needs /run access to show you some flying pigs, is that ok?" Guess what the user will answer :D

(Yes, /echo too, why? /echo 3 -a * mIRC has detected an error, please load the patch by typing /load -rs patch.mrc)