generic image
Processing...
  • Games
  • Catalog
  • Develop
  • Robux
  • Search in Players
  • Search in Games
  • Search in Catalog
  • Search in Groups
  • Search in Library
  • Log In
  • Sign Up
  • Games
  • Catalog
  • Develop
  • Robux
   
ROBLOX Forum » Game Creation and Development » Scripters
Home Search
 

Re: so what is this level business

Previous Thread :: Next Thread 
CrossArmsALT4 is not online. CrossArmsALT4
Joined: 03 Aug 2012
Total Posts: 7889
07 Jan 2014 11:10 AM
I hear people talk about "level 5 exploits" and so on and so forth, but as I am relatively new to this forum (by this I mean I'm a total noob) I don't actually know what these are. Then I saw a thread about level 7 exploits.

Would anyone care to give an explanation? (Doesn't have to be layman's terms).
Report Abuse
Prehistoricman is not online. Prehistoricman
Joined: 20 Sep 2008
Total Posts: 12490
07 Jan 2014 11:23 AM
Normal Identities. Look it up on the wiki.
Report Abuse
CrossArmsALT4 is not online. CrossArmsALT4
Joined: 03 Aug 2012
Total Posts: 7889
07 Jan 2014 11:33 AM
Okay, so in my understanding, the identity is an ordering of the amount of power that the script has in terms of what it can do. There is no hierarchy (so 1 being the least, 7 being the most), but instead they are picked at random with 2 being the least amount, and 7 being the most, but 1 has more power than 2.

Is this correct?
Report Abuse
littleAU999 is not online. littleAU999
Joined: 15 Jan 2011
Total Posts: 1375
07 Jan 2014 11:36 AM
Different security contexts are set out for different things, they really are in no order.
Report Abuse
TimeShop is not online. TimeShop
Joined: 24 Nov 2010
Total Posts: 1274
07 Jan 2014 12:06 PM
they dont follow any order, and its just like permissions.

Security 1 can do things that 2 can't do, but unrestricted can do anything. 7 can do what 2 can do and more, etc.
Report Abuse
CrossArmsALT4 is not online. CrossArmsALT4
Joined: 03 Aug 2012
Total Posts: 7889
07 Jan 2014 12:07 PM
I don't think you read my response in its entirirty.
Report Abuse
TimeShop is not online. TimeShop
Joined: 24 Nov 2010
Total Posts: 1274
07 Jan 2014 12:08 PM
And I don't think you understand. "the identity is an ordering of the amount of power that the script has in terms of what it can do"

"ordering"

There is no order.
Report Abuse
CrossArmsALT4 is not online. CrossArmsALT4
Joined: 03 Aug 2012
Total Posts: 7889
07 Jan 2014 12:09 PM
And I don't think you read,

"There is no hierarchy (so 1 being the least, 7 being the most), but instead they are picked at random with 2 being the least amount, and 7 being the most, but 1 has more power than 2.

Is this correct?"
Report Abuse
TimeShop is not online. TimeShop
Joined: 24 Nov 2010
Total Posts: 1274
07 Jan 2014 12:12 PM
You ignorant kid.

>"Okay, so in my understanding, the identity is an ordering of the amount of power that the script has in terms of what it can do. There is no hierarchy (so 1 being the least, 7 being the most), but instead they are picked at random with 2 being the least amount, and 7 being the most, but 1 has more power than 2."
>"the identity is an ordering of the amount of power that the script has in terms of what it can do"
>"the identity is an ordering"
>"ordering"

There is NO order. It is just NUMBERS assigned to PERMISSION SETS that do not CORRELATE with greater or less numbers. Just because 1 is less than 2, doesn't mean 2 can do more. 1 gets more permissions. Knowing the permissions of something doesn't even matter anyway. What are you going to be doing, writing exploits? You, the scripter, should always assume you'll be running at level 2 context.
Report Abuse
CrossArmsALT4 is not online. CrossArmsALT4
Joined: 03 Aug 2012
Total Posts: 7889
07 Jan 2014 12:30 PM
...do you really think I'd purposely contradict myself?

I at first used a word that rustled your jimmies, then contradicted myself.

Did it occur to you that I may have just used the wrong word (which is why later on I contradicted myself with a good explanation)?

So, before you go around calling people "ignorant kids" and getting your jimmies rustled, at least take it into account that just because one piece of vocabulary was incorrect does not necessarily that expresses what they meant in metaphoric concrete.
Report Abuse
TimeShop is not online. TimeShop
Joined: 24 Nov 2010
Total Posts: 1274
07 Jan 2014 12:43 PM
You clearly do not understand the English language. ONE WORD changes the whole SENTENCE. You implied there is an order between security contexts. THERE IS NO ORDER. I do not care what you say when you say "incorrect word", you cannot change what you said. You contradicted yourself, and the conversation should end right now because your question has been answered and right now all you're doing is continuing to defend yourself for useless reasons.
Report Abuse
MrgamesNwatch is not online. MrgamesNwatch
Joined: 02 Feb 2009
Total Posts: 7729
07 Jan 2014 01:01 PM
Geez, no need to fly off the handle TimeShop. It's just a small miswording which he later cleared up.
Report Abuse
CrossArmsALT4 is not online. CrossArmsALT4
Joined: 03 Aug 2012
Total Posts: 7889
07 Jan 2014 02:30 PM
I know exactly what I said. I'm well aware that I cannot change what I said- and quite honestly, I do not care. You have acknowledged the contradiction, and surely realised that there must have been a mistake and again with sincere honesty I don't think you seem to understand the English language either, because I have stated multiple times it was a small miswording and explained what I properly meant, but yet you keep insisting that this matters to the point where you are infuriated?

"The conversation should end now."

No, it really shouldn't. It should have ended as soon as I elaborated my mistake and what I meant to have said, if the contradiction hadn't already made that obvious. Or, if I were to act like you, "You ignorant child. A conversation is not the same thing as an attack. An ATTACK is when you get excessively ANGRY over something rather UNNECESSARY and MINOR."

"you're doing is continuing to defend yourself"

I guess I should act like you again.

"A DEFENSE is akin to JUSTIFYING. I was not JUSTIFYING but I was REPEATING myself because you founded it DIFFICULT to understand that I UNDERSTOOD that I had MADE a MISTAKE and I kept RPEATING my ELABORATION on why I ADMITTED the word I used was INCORRECT. You don't know a thing about English and should cease speaking immediately you mentally challenged ignorant child [insert stream of fancy words here]".

"Useless reasons".

Eh. I thought I had repeated myself enough- but yet you insist that a miswording is worth having a tirade about.

"implied"

I said it once. One error. Should this really matter so much?

If you're trying to troll, then I think you should know that trolling is not the same as getting angry to a person over the internet over rather minor things such as one error in the entirety of a paragraph and start internet-shouting at them.

Report Abuse
PhokiusV3 is not online. PhokiusV3
Joined: 07 May 2013
Total Posts: 805
07 Jan 2014 03:48 PM
Level is the modern lingo to the ability of the Lua interpreters in the game's code.

This is determined by a hexadecimal string and can have +|- 2^32-1 different levels.


A special checking function looks at the string to determine what security takes place when executing a Lua string of code.
Report Abuse
cntkillme is not online. cntkillme
Joined: 07 Apr 2008
Total Posts: 44956
07 Jan 2014 03:49 PM
"+|- 2^32-1"
Did you mean:
"-2^31 -> 2^31-1"
Since it can go to -2^31
Report Abuse
AndroidKitKat is not online. AndroidKitKat
Joined: 21 Sep 2013
Total Posts: 1525
07 Jan 2014 03:50 PM
TimeShop OOOOHHHH OHHH WHAT IS 7013 GOING TO DO, RAID THIS FORUM!?

EOS db 0x00 ;End of String Marker
Report Abuse
cntkillme is not online. cntkillme
Joined: 07 Apr 2008
Total Posts: 44956
07 Jan 2014 03:51 PM
wat
Report Abuse
AndroidKitKat is not online. AndroidKitKat
Joined: 21 Sep 2013
Total Posts: 1525
07 Jan 2014 03:52 PM
7013 == RAT under cj's tyranny.

EOS db 0x00 ;End of String Marker
Report Abuse
cntkillme is not online. cntkillme
Joined: 07 Apr 2008
Total Posts: 44956
07 Jan 2014 03:53 PM
oh, im not about that group life (ง ͠° ل͜ °)ง
Report Abuse
Prehistoricman is not online. Prehistoricman
Joined: 20 Sep 2008
Total Posts: 12490
07 Jan 2014 04:31 PM
2^32 to -(2^32)+1

Actually.
Report Abuse
cntkillme is not online. cntkillme
Joined: 07 Apr 2008
Total Posts: 44956
07 Jan 2014 04:33 PM
^ That is 33 bits
Report Abuse
TimeShop is not online. TimeShop
Joined: 24 Nov 2010
Total Posts: 1274
07 Jan 2014 04:33 PM
I merely answered your question, and you dedicate a word wall to me. Mission accomplished, thanks! I feel the love.
Report Abuse
suremark is not online. suremark
Joined: 13 Nov 2007
Total Posts: 6315
07 Jan 2014 08:33 PM
I'm rather new to all this security stuff, and have been reading heavily on it lately. Here's a good resource from Anaminus: http://wiki.roblox.com/index.php/User:Anaminus/Identity

So every member (methods, properties, events, or callbacks) of every instance has a security context tagged to it. There are 5 different tags that ROBLOX uses: Roblox, RobloxScript, WritePlayer, LocalUser, and RobloxPlace. You can find which methods have which security contexts tied to them in the API dump (http://wiki.roblox.com/index.php/Class_reference/API_dump). Essentially, each of these tags represent, a "context".

RobloxPlace is the context of anything besides normal Scripts and LocalScripts. The Command bar, all Plugins, CoreScripts, StarterScripts, etc. have access to this context. Plugins and the command bar are not part of a ROBLOX place per se because they don't appear outside of Play Solo and Studio-- thus, not an actual ROBLOX place. RobloxPlace scripts have slightly elevated access-- they're one step above normal Scripts. One such elevated privilege they have is the Error event of ScriptContext, which allows them to catch errors in /other scripts/. So, in a sense, they are in superposition relative to YOUR scripts.

LocalUser, I would guess, is likely related to the ROBLOX client. Plugins and the command bar run with LocalUser context. It also appears that many of the Network objects contain LocalUser members, so I'll bet LocalUser is tied to client processes and client-server communication. CoreScripts and StarterScripts have access to this context.

RobloxScript is the context of code whitelisted by ROBLOX. If you look at the beginning of LinkedSword's script, there is a string of random characters attached to the first line-- this is a hash representation of the script's code. I'm guessing that ROBLOX keeps a table of whitelisted hashes and checks script:GetHash() against their table. CoreScripts and StarterScripts have access to this context (that's why many of them also have the hashes commented on the first few lines).

And the last two security contexts, Roblox and WritePlayer, are only available to threads with UNRESTRICTED access. These threads have access to the CookiesService (presumably used for manipulating browser cookies) and can save your ROBLOX places to online assets. This is a script with unrestricted access, which I believe is run whenever you visit a ROBLOX place: http://www.roblox.com/game/join.ashx

And so you have script identities, as detailed in Anaminus's article. There are 7 postulated script identities, each with different permissions to different security contexts. These are NOT numbered in hierarchical order-- i.e., they are to be treated as if they're random. Again, the article provided at the beginning of this text specifies which scripts belong to which contexts.

One last thing about 'Level 7' access-- there is much debate as to whether or not identity 7 scripts exist. 'join.ashx' has the same access as the theoretical level 7, but in itself it is distinct from level 7 because it has "no identity". My understanding of this is that 'no identity' means it does not originate from the ROBLOX client.

Anyway, that's all I've gathered about security contexts and identities. Correct me if i'm wrong-- I've only been reading about this stuff for about 3 days.
Report Abuse
lampwnage121 is not online. lampwnage121
Joined: 20 Oct 2012
Total Posts: 4285
07 Jan 2014 08:41 PM
Am I late for the popcorn?
Report Abuse
booing is not online. booing
Joined: 04 May 2009
Total Posts: 6594
07 Jan 2014 09:10 PM
its a number to say what a script can do
1 - plugin's
2 - script's
3 - not in use used too be command bar
4 - corescript's
5 - commandbar
6 - joinscript's
7+ - unrestricted
Report Abuse
Previous Thread :: Next Thread 
Page 1 of 1
 
 
ROBLOX Forum » Game Creation and Development » Scripters
   
 
   
  • About Us
  • Jobs
  • Blog
  • Parents
  • Help
  • Terms
  • Privacy

©2017 Roblox Corporation. Roblox, the Roblox logo, Robux, Bloxy, and Powering Imagination are among our registered and unregistered trademarks in the U.S. and other countries.



Progress
Starting Roblox...
Connecting to Players...
R R

Roblox is now loading. Get ready to play!

R R

You're moments away from getting into the game!

Click here for help

Check Remember my choice and click Launch Application in the dialog box above to join games faster in the future!

Gameplay sponsored by:
Loading 0% - Starting game...
Get more with Builders Club! Join Builders Club
Choose Your Avatar
I have an account
generic image