Jump to content
Search In
  • More options...
Find results that contain...
Find results in...
printz

Do multiplayer ports allow executable version whitelisting?

Recommended Posts

I'm wondering if ports like Zandronum have put in place an option for servers to have lists of hashes of approved executables, such as all official releases and dev builds for Windows, Mac, Linux and FreeBSD. This would exclude user-modified executables such as bots and other cheats.

Share this post


Link to post

Multiplayer servers for Dev builds are already hosted on British-Steel and Similar services , I once joined a Project Brutality server running on a v3.0 Dev Build of Zandronum .

Share this post


Link to post

A well intentioned but ultimately flawed plan since nothing stops a bot or cheat from reporting that it's a legitimate version to defeat the whitelist.

Share this post


Link to post

I see. Indeed, it's up to the program to say its signature, there's no other way that's independent of the modified app. No way for the server to query it independent of the client's decisions.

Share this post


Link to post
printz said:

I'm wondering if ports like Zandronum have put in place an option for servers to have lists of hashes of approved executables, such as all official releases and dev builds for Windows, Mac, Linux and FreeBSD. This would exclude user-modified executables such as bots and other cheats.


ZDaemon might do this, but it is closed source so its binaries are limited thus it could be used easily there.

This would be a problem for open source ports because of the wildy different compilers, architectures, and libraries available. This would also increase the burden on the developers to create binaries which match your system on request or have a verification process.

Share this post


Link to post
DMGUYDZ64 said:

Multiplayer servers for Dev builds are already hosted on British-Steel and Similar services , I once joined a Project Brutality server running on a v3.0 Dev Build of Zandronum .


Just a small OT, British Steel has been down for a few months now, although it will be coming back soonish.

Share this post


Link to post
printz said:

I see. Indeed, it's up to the program to say its signature, there's no other way that's independent of the modified app. No way for the server to query it independent of the client's decisions.

You're basically reliant on the honor system ("I promise this really is my executable signature"). And if that's your plan you might as well just have a note on your website saying, "please don't use cheats or bots".

Share this post


Link to post

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×