Replies: 4 comments
-
|
While I'm not necessarily opposed to this idea on principle, I'm wondering why this has to be done from within the game itself? What about integrating with any pre-existing system-level parental controls settings (on OSes where they exist) instead? |
Beta Was this translation helpful? Give feedback.
-
|
I haven't used those much; can OS-level parental control features block basic operations such as network connection and file writing? I'm mostly thinking about the case where someone would play on a shared computer (such as school computers) and open the level editor to edit Welcome to Antartica, draw inappropriate shapes, save and let the next person enjoy their experience... |
Beta Was this translation helpful? Give feedback.
-
|
At my local library on the childrens computers they decided to add a feature that resets the whole computer to a restore point every time the computer is turned off. This kind of feature could be implemented and maybe turned on by a educator. Although this would make saving work impossible. |
Beta Was this translation helpful? Give feedback.
-
Hm, I'm checking the ones in macOS currently, and it looks like they've changed since I last remember using them, so maybe never mind on that front...
Oh yeah that reminds me about how Nintendo had to build penis-detection AI for moderation of Miiverse handwritten posts back when they still had that active; it's probably pretty complicated, though...
Faronics Deep Freeze? That's what the computers at my college library's computer lab all had on them; I hated it so much and wasted so much effort trying to figure out ways to bypass it... (it's probably for the better that I wasn't able to do so, though) |
Beta Was this translation helpful? Give feedback.
-
TL;DR I want to make parental options to help parents protect their children, or school to protect their computers, from potentially harmful in-game actions (e. g. downloading content with obscene symbols, or with a malicious script).
The problem • The motivation • The solution • Is this Free Software friendly? • Discussion
The problem
SuperTux is commonly reputated as a "kid's game". Although a certain portion if its fanbase are adults, its look and feel makes it a very interesting game for parents to give to their children. Furthermore, it appears many schools and institutions install SuperTux on their computers for students or other people to use.
With the arrival of networking, and even with some already-existing features (such as downloading add-ons), SuperTux is becoming difficult to evaluate as "safe" simply by navigating through it once.
Add-ons are unpredictable for a third-party, and although the team reviews add-ons before making them downloadable from the servers, the team does not (and cannot) provide any guarantee that each and every add-on is entirely exempt of any form of questionnable content whatsoever, for any purpose imaginable. Networking makes it even worse because it requires real-time monitoring to make sure nothing bad happens.
From the point of view of a school or from a parent, this isn't very safe, and a certain level of restriction would be quite welcome to help protect the computers and/or the users from malicious content.
The motivation
The first and most obvious example would be a level secretly containing obscene symbols. Someone could pass an add-on to the team, which plays it normally, then publishes it; then, somoene downloads the add-on, goes to edit the level, and goes in a normally inaccessible area...
But that's only one part of the problem. There is another (~Master Yoda), which is (arguably) much more important.
Now, I would like to present my apologies to all my predecessors and colleagues as developers, but... SuperTux was not designed with security in mind. I don't blame them, though; SuperTux lived 20+ years without it being an issue. But today's the day.
I have found numerous significant security vulnerabilities in SuperTux, which cover a wide range of results: crash, malicious code execution, game lock-out, system freeze, etc. It is extremely easy to use the resources of the game for malicious purposes, and although I plan to fix most of them, I cannot fix them all, and certainly not in time for networking.
Networking will make this problem infinitely more important, as it can establish a link between multiple different devices which are strangers to each other. If networking isn't done properly, it will become a foster for hackers and other funny people playing with each other's computers.
A grown and well-informed person knows what to do - but most of them won't go and look into the source code before playing; they'll trust us and play immediately. A less informed person would possibly not even think about it, but still, they are the owner - therefore responsible for - their computer.
However, when somoene lets someone else use their device, they have no idea what that person might be doing. They have no idea what decisions they take, how informed they are about security, and how much they care about the device they're entrusted with.
When that "someone else" is the 3-year-old child of a parent, or the student of a school, it is rather difficult to predict, and a certain protection from the game, although not perfect, can be very welcome.
The solution
Parental control should allow to lock access to anything that can represent a significant threat to either security or general decency. For example:
Perantal control would store its configuration is a system folder, locked under administrator ownership. This would prevent funny people to just delete the file :^)
Access to the settings would be made with password protection, stored as a hash in the configuration file. There should also be an option for administrators to manually remove just the field for the hash, which would indeed give a configuration file with no password set; the program, upon noticing such a situation, would make it impossible to open the control panel directly from the game. The config file can be edited manually by the administrator, or deleted entirely to reset the parental control options.
The conflict with the Free Software philosophy
One could argue that such a system would defeat the spirit of free software, which is to preserve user freedom and user control over their apps. If someone cannot do what they want to with the game, then they cannot enjoy their freedoms.
I believe this is not an issue here for the following reason: Someone with administrator access to the machine can override these permissions at all times. Therefore, the owner of the machine cannot be stopped by parental control.
An end user who does not have administrator access to the computer (let me reuse the examples of the young child on their parent's device and the student on the school's computer) do not own the computer. Reading the GPLv3 FAQ on gnu.org, it appears that this is intended and part of the philosophy; there is a section which clearly states that if the software is available on company-owned computers, and employees use the GPLv3 software on these computers, then the company isn't making copies for its employees, but rather for itself; therefore, it isn't distribution, and they do not have to give GPL rights to their employees (e. g. redistribute the software and source code).
In the two example contexts, it is safe to assume the school is making copies to itself when installing the game on its own computers (the copies are still under property of the school), and that the parent is making a copy for themselves by installing it on their own device, and then enabling their child to play with it.
Therefore, it makes sense, to me at least, that the entity who decides what the copy of the game can or can't do should be their legitimate owner, that is, the school and the parent, respectively.
Discussion
For the moment, I do not intend to implement this feature unless I receive support. Since we haven't been requested such a feature from users yet (have we?), I'm not certain that it would be useful to implement it if no one would use it.
I know not everyone who would find such a feature interesting would find this repository, find this issue specifically and read 4 pages worth of text to share their thoughts, but I believe if I can get a few dozens people to comment on it, then I'll have a (very) rough idea of whether or not it'd be useful t implement it.
In short: please read whatever you can, and most of all, COMMENT!
Beta Was this translation helpful? Give feedback.
All reactions