Hey everyone,
I'm diving into Linux development and have a question regarding writing applications for personal use, like one that tracks time spent in different applications. My main concern is making sure I don't inadvertently trigger any anti-cheat systems or other security features. I have zero interest in doing anything malicious, like accessing game memory, but I'm not quite clear on where the line lies. For instance, could using something like DBus be viewed as suspicious? How can I figure out what's acceptable and what isn't, especially in cases where common sense might not apply?
I realize this is a tricky topic since anti-cheat developers probably keep their detection methods under wraps, but I'm curious: is accidentally setting off an anti-cheat system a real concern, or do you have to be engaging in intentional malicious activity for those systems to react?
Thanks in advance for any insights!
3 Answers
I really don’t think triggering an anti-cheat system is a valid concern for what you’re trying to do.
It's important to know that as a system user (like root), you theoretically could access game memory without triggering any detection. That's why kernel-level anti-cheat systems were developed for Windows; they can restrict what system users can do regarding certain game processes or track their actions.
However, on Linux, trying to implement similar measures could be circumvented by users due to the open nature of the OS.
Generally, Linux doesn't come with built-in anti-cheat systems. You might confuse it with tools like Windows Defender that may flag behavior as suspicious, but most Linux users don’t run similar software because it’s not really necessary.
As for your app, if it’s running as root, you can operate pretty freely aside from kernel memory. Still, many monitors can track process information without needing root access. For example, GNOME has a new wellness tool that does something like this without elevated permissions; it might be worth checking out its implementation.
True, but keep in mind that they can limit root's abilities on Linux, too. Technologies like SELinux can restrict actions, and a standardized kernel-level anti-cheat interface could allow games to use those protections. There are ways to hide process memory from root beyond just SELinux, like various cloud solutions that employ similar mechanisms.