Totally agree; we're not making browser games here (see Flash's, necessary mind you, sandboxing), but desktop games. C++, which a number of indies go with, doesn't give any sandbox whatsoever, giving them freedom to do awesome things with their games.slime wrote:LÖVE is a tool to make game development easier. It's not a sandbox or modding environment like WoW's Lua API, where they're restricting access in order to prevent people from doing unintended things to their game. When we restrict access to LÖVE features from ourselves, we're just shooting ourselves in the foot because we aren't modding a game, we're making a game. If I wanted, I could compile a malicious program that uses Lua's io.popen and distribute it. What's the difference between doing that and creating a löve game that does the same thing? If you're so concerned about security shouldn't you be trying to get io.popen removed from Lua itself?
It's up to the OS and developers themselves to insure greater security. The tools they use are simply that, tools.
Sandboxing when making games, is a bit like DRM when playing games. Both hamper the ability to freely do something legitimate. It's up to the OS to ensure security, and the users to not be stupid and run something malicious.