2. Guides
  3. Server Management
  4. Security
3 minutes to read
Created by
Calytic
Updated by
Wulf

Security

Details on how to secure uMod plugins

This guide is for uMod, not Oxide.
Join our discord for the latest updates and the latest news! Join discord

Sandbox

Plugins are compiled (by default) in a restricted mode that prevents a substantial number of .NET features from being used.

These restrictions are in place to prevent potentially malicious code.

Restricted namespaces

The list of namespaces restricted by the sandbox includes, but is not limited to:

  1. System.IO
  2. System.Net
  3. System.Reflection
  4. System.Threading
  5. System.Runtime.InteropServices
  6. System.Diagnostics
  7. System.Security
  8. System.Timers

Whitelisted exceptions

There are exceptions for some classes or methods in the restricted namespaces listed above:

  1. System.Diagnostics.Stopwatch
  2. System.IO.MemoryStream
  3. System.IO.Stream
  4. System.IO.BinaryReader
  5. System.IO.BinaryWriter
  6. System.Net.Dns
  7. System.Net.Dns.GetHostEntry
  8. System.Net.IPAddress
  9. System.Net.IPEndPoint
  10. System.Net.NetworkInformation
  11. System.Net.Sockets.SocketFlags
  12. System.Security.Cryptography
  13. System.Threading.Interlocked

Extensions exception

Extensions are not sandboxed, meaning that any code deployed as an extension (or .dll file) will have unmitigated access to all .NET libraries. Writing extensions is generally discouraged and the large majority of the uMod plugin ecosystem is compliant with the above restrictions and served as source code (.cs files).

uMod.org does not generally accept extensions except in the most needful cases. If code is submitted as an extension: it must be open-source and the author must be prepared to demonstrate why it absolutely must be deployed as an extension.

Filesystem

File system operations performed by plugins have path restrictions that prevent any file from being read or written outside of certain locations.

Disabling sandbox

Server administrators with access to the global plugins configuration can disable the sandbox unless the sandbox is enforced.

Enforcing sandbox

Infrastructure providers can ensure the sandbox is enabled regardless of configuration by using a file or parameter override.

File override

Create and lock an empty file called umod.sandbox in the game's managed/extension directory, the server's root directory, or the umod directory.

Launch parameter override

Launch the server with the --force-sandbox option.

Security vulnerabilities

If you have identified a security vulnerability in uMod, please disclose it responsibly by e-mailing us privately at security at umod.org [email protected]

Server Management

  1. Performance
  2. Popular tools
  3. Security