Sandboxing - modding capabilities

[Valmirius]

First, Daslang is awesome, thanks for making it.

It's extremely useful as a tool from the game developer side.

I was wondering how it would fare on the modding side and the usual security concerns that come with that. People usually bring up sandboxing to lock down certain actions like infinite loops and os/file access here but curious what your thoughts are.

[borisbat]

There is a lot in place already (as well as being worked on) for the upcoming project, which requires sandboxing.

Key features. which are already in place.

1. "Project" infrastructure. u can whitelist functions. u can enable\disable UNSAFE per file. can whitelist allowed 'require'.
2. CodeOfPolicies (can disable all unsafe policies).
3. Lint macros (can do all sorts of validation, specific to your project and your API.
4. Keep-alive functionality (to detect infinite situations, timeouts, etc).

What I would recommend additionally.

1. Assigning unique KEY to each modder (account?), which which to sign the mod. That way you can immediatly disable all mods by author, in case of abuse.
2. Use additional platform-level features for sandboxing. Depending on the platform (and the way your API are implemented - you can use 'processes' and such.