Security concern: Isn't this just an RCE? #16
Comments
Thanks for the question. It's an essential question if I go further in this direction. It should have security checking or sandboxing to defend the user's environment from malicious attempts. I don't plan to go further in this project, so I won't implement any security features, but I keep this issue open because it's an important missing feature. Any input is welcome.
I briefly looked at the code. This doesn't seem any different than if someone were to write their own CS that posts to a remote server. A brief thought is that the returned values, if malicious (i.e. you crafted something to receive/parse out a malicious payload from GPT), maybe could be executed locally. Usually when we code against a remote server, the server is trusted (do we trust GPT returned values 100%?). This could be mitigated either at the Unity Editor level or in the user's CS itself. But overall it seems tame, and a problem that already would exist in a normal, custom crafted CS script that a user could create in Unity that queries and returns values from a remote source. Again, I only looked at the code briefly.
It's not just malicious returned values, but imprecise returned values. The RCE here is a piece of text generated by an LLM, a parrot, which has no ability to determine intent, be precise, or have confidence, and which generates code that is dangerous.
My only suggestion here is to add a preview step for every execution, like a pull request. |
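One way to implement the preview step suggested above, as an added example that is not part of the project's own code: it assumes a hypothetical `execute` callback that compiles and runs the generated C# in the Unity Editor, and otherwise uses only standard Unity Editor and .NET APIs.

```csharp
// Added example, not the project's code: gate LLM-generated C# behind a human
// preview step and an audit log before anything is compiled or executed.
// The token screen is a heuristic to draw the reviewer's eye, not a sandbox:
// string matching is trivially evaded, so the reviewer must still read the code.
using System;
using System.Collections.Generic;
using System.IO;
using UnityEditor;
using UnityEngine;

public static class GeneratedCodeGate
{
    // APIs an editor helper script for scene/asset edits has no reason to use.
    static readonly string[] SuspiciousTokens =
    {
        "Process.Start", "System.Net", "File.Delete", "Directory.Delete",
        "Assembly.Load", "DllImport", "EditorApplication.Exit",
    };

    public static List<string> FindSuspiciousTokens(string source)
    {
        var hits = new List<string>();
        foreach (var token in SuspiciousTokens)
            if (source.IndexOf(token, StringComparison.Ordinal) >= 0) hits.Add(token);
        return hits;
    }

    // Shows the prompt, any flagged APIs and the exact source that would run.
    // Returns true only when the user explicitly clicks "Run it".
    public static bool PreviewAndConfirm(string prompt, string source)
    {
        var hits = FindSuspiciousTokens(source);
        var warning = hits.Count == 0
            ? "No flagged APIs found (heuristic only)."
            : "Flagged APIs: " + string.Join(", ", hits);
        var message = "Prompt:\n" + prompt + "\n\n" + warning + "\n\nGenerated C#:\n" + source;
        return EditorUtility.DisplayDialog("Review generated code before running", message, "Run it", "Cancel");
    }

    // Records every decision next to the project folder so a bad run can be reconstructed.
    public static void Audit(string prompt, string source, bool approved)
    {
        var path = Path.Combine(Application.dataPath, "..", "generated-code-audit.log");
        var entry = DateTime.UtcNow.ToString("o") + "\tapproved=" + approved +
                    "\tprompt=" + prompt.Replace("\n", " ") + "\n" + source + "\n---\n";
        File.AppendAllText(path, entry);
    }

    // Wire this in front of the hypothetical execute(source) step instead of calling it directly.
    public static void RunWithGate(string prompt, string source, Action<string> execute)
    {
        var approved = PreviewAndConfirm(prompt, source);
        Audit(prompt, source, approved);
        if (approved) execute(source);
    }
}
```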
How much privilege can you get from injecting random text into this interface?