  1. #11
    I'd love to hear this as well.
    I'm glad to hear the site should be secure, but I'm much more worried about running a public-facing server on my personal computer with an open port (if using LAN connection).
    Hearing an official statement that considerations are being made for this fairly large risk would be reassuring.

  2. #12
    AFAIK, all the OS features in the Lua sandbox were disabled, for instance, which kind of shows they're at least a bit security aware. Also, FG is run with user privileges, which limits the attack reach. But indeed, if there were an overflow of some kind in the libraries used (I think we can assume they use a high-level language and don't reinvent the standard C lib from scratch), an attacker targeting it could possibly perform malevolent stuff. However, I believe the direct connection issue disappears with the cloud lobby.

    But I am no FGU developer, so my word is just a former pentester's view ;]. Also pardon my strange English, I'm a frog ^^. Have a good day

  3. #13
    Trenloe
    As mentioned, the LUA implementation doesn't have any of the OS accessible features enabled - see here: https://fantasygroundsunity.atlassia...ua-Programming

    Also, any connection to the GM on port 1802 doesn't have any rights to upload or control code. The only code available is that loaded by the GM (ruleset and extensions) when they loaded their campaign. All of this code is the FG LUA linked above. The *worst* that could happen is that someone tries to do denial of service by flooding port 1802 - with either a bunch of crap, or simulating a FG player client and doing a bunch of stuff (roll dice again and again, etc.).
    Private Messages: My inbox is forever filling up with PMs. Please don't send me PMs unless they are actually private/personal messages. General FG questions should be asked in the forums - don't be afraid, the FG community don't bite and you're giving everyone the chance to respond and learn!

  4. #14
    damned
    FGC can only write XML and Mask PNGs to the file system and cannot delete anything.
    I'm not sure if FGU can also write images to the file system.
    There are very few things that the cGM client is allowed to do and even less for the player.

  5. #15
    Thanks @_haplo__, @Trenloe and @damned. That helps quite a bit.
