Bitwig

BufoBufo · Post by **BufoBufo** » Tue Apr 18, 2017 11:52 am

I was surprised to learn from this thread that Bitwig controller scripts are able to read random files from disk. Even more surprised making them *write* random files is just as easy.

Is it my paranoia or is this freaking scary?

These are the same scripts that have network access, scripts that can blow private data to the web or receive whatever from it. The same scripts many Bitwig customers download and install from *just anyone* who promises to make their controllers work. Without audits or reviews or slightest consideration they could be harmful. They're "just controller scripts", right?

And these very scripts are enabled to access random files on my PC? Not even limited to the controller scripts or Bitwig folder but virtually anything (Couldn't believe it, so tried myself and had no problem reading the hosts-file from deep within the Windows directory and put a modified copy elsewhere, just as an example). Sure, there will be certain limitations due to file system permissions, but after all, this must be a wet dream come true for any malicious coder.

I am wondering
When was this insane file access introduced?
Where is it documented, I mean officially documented at Bitwig?
How can it be turned off?
What else from the Java/Nashorn realm is exposed to the controller scripts?

Netsu · Post by **Netsu** » Tue Apr 18, 2017 12:23 pm

People just need to be aware that downloading unknown scripts is just like downloading unknown software.
That said I think it would make a good feature request to restrict file read/write to Bitwig folders and/or folders provided by the user.

BufoBufo · Post by **BufoBufo** » Tue Apr 18, 2017 2:01 pm

Netsu wrote:People just need to be aware that downloading unknown scripts is just like downloading unknown software.

You're right, and that exactly is a new, unexpected (and bad) paradigm when it comes to Bitwig controller scripts which I see nowhere communicated. Controller scripts were introduced like simple pieces of code for a very specific purpose with *one* official API to work with, in a very restrictive runtime environment. Harmless if you will. Turns out the runtime now is not harmless at all anymore.

Crux is, most everything here is "unknown". There's no security auditing anywhere. And it just doesn't make a script more "trustable" when three unknown people say "works for me".

So the only effective safety measure is either to not permit dangerous actions in the first place or at least communicate potential threats clearly.

andre h · Post by **andre h** » Wed Apr 19, 2017 11:47 am

i didn't know about this until i tried it the other night and it didn't sit right with me either. i'll contact Bitwig.

about Nashorn and access to Java classes: http://stackoverflow.com/questions/2079 ... -execution

andre h · Post by **andre h** » Fri Apr 21, 2017 4:33 pm

heard back from Bitwig yesterday that the Java API should not have been enabled

BufoBufo · Post by **BufoBufo** » Fri Apr 21, 2017 6:09 pm

Thanks for the info, Andre! Let's see what 2.1 will bring

Bitwig

KVR Audio

Controller scripts potentially insecure?