For the sake of security, please have separate exe's for VAM and Hub

G

GoingAWOL

New member
Messages
9
Reactions
6
Points
3
From a security perspective it would be better if VAM did not have access to the internet. You never know when a scene you downloaded is loading a url asset, which has obvious security risks. If the exe's are separated then the user can block the main VAM exe from accessing the internet with a firewall while the exe for the Hub can still connect to the internet.

Honestly letting scene authors to connect to random urls have always felt insane to me, the potential for abuse is simply too great.
 
Does Meshed even look at these threads? Can we get some more clarity on this issue? Or is this whole forum just a waste of space?
 
VaM Suggestions is not getting much view by me lately because we are in between platforms for development. 1.X is essentially end-of-life and cannot accept any more feedback at this time, and 2.X is too early to accept any real feedback.

For your specific comment, there is a setting already in VaM in the user preferences to disallow http URLs for image panels, audio, etc. You can also turn off web browsers, although turning that off will limit what you can see in the Hub, and perhaps this is what your comment is about. I don't have an easy way to separate the Hub web browser (the right panel when looking at a Resource detail) from the other in-game browsers so I won't be able to make an additional option for this in 1.X. I'll keep it in mind for 2.X.

1611326750574.png
 
meshedvr said:
VaM Suggestions is not getting much view by me lately because we are in between platforms for development. 1.X is essentially end-of-life and cannot accept any more feedback at this time, and 2.X is too early to accept any real feedback.

For your specific comment, there is a setting already in VaM in the user preferences to disallow http URLs for image panels, audio, etc. You can also turn off web browsers, although turning that off will limit what you can see in the Hub, and perhaps this is what your comment is about. I don't have an easy way to separate the Hub web browser (the right panel when looking at a Resource detail) from the other in-game browsers so I won't be able to make an additional option for this in 1.X. I'll keep it in mind for 2.X.

View attachment 28414
Click to expand...
Yes definitely keep it in mind for VaM 2. I am aware of the option to turn off web URLs, but my comment was more about eliminating the potential for future exploits. Giving the executable access to the internet and then relying on VaM's internal settings to block certain web connections still leaves you vulnerable. Software bugs are discovered all the time, and VaM is no exception.

Thank you for taking the time to respond. It's understandable that not every request gets fulfilled, though I think security issues deserve some special attention.
 
You must log in or register to reply here.

Similar threads

A
Filters for indirect references and Hub-hosted resources
Replies
0
Views
391
Algorithm1248
A
L
Please develop a Pro SKIN Generator for VAM 1 or VAM 2
Replies
0
Views
546
Lione
L
K
Scan hub for missing packages
Replies
0
Views
587
kretos
K
lapiro
VAM 2.X Separate Head morphs and body morphs presets
Replies
0
Views
672
lapiro
lapiro
KameronFox
[VAM 2.X] Make it possible to have both dick and vagina same time for 1 person
Replies
0
Views
437
KameronFox
KameronFox
Back
Top Bottom