#enabling hyper synergism in steam
this would be a vulnerability
if your server relies on players not modding the game, then it's already vulnerable. if a player breaks their own security through modding, then the vulnerability is limited to said player who bypasses the warnings to inject code.
that said, it would not surprise me if:
- there's a way to inject the same code by virtue of it being a web app stuffed inside of an app-ified browser layer (Electron dev console?), and
- anyone who uses it has exactly zero support and an official warning that it's at their own risk.
I cannot tell if you agree with me based on the first sentence
There is a difference between modding and literally putting an RCE in the game
userscripts with any sort of update mechanism are remote code execution. if the JavaScript in an Electron/whatever app has significantly more dangerous privileges beyond a webpage in a browser (e.g., filesystem access), then i expect you to take a strong stance against making such modifications to the app, even if you might be supportive of the exact same modding in the browser. based on your response, i'm assuming there are indeed more dangerous permissions in the app version.
you can press ctrl-shift-I within the Electron app to get the dev console lol
so i think we agree, if you're talking about making the users vulnerable.
The browser version: user is responsible
What op is suggesting: make us responsible (they want us to try executing a non-existent file)