Currently, .love files can write to everything as long as the running user has access. They can upload your private collection of home-made porn to the Internet, and replace the contents of each file on your file system with "lol".
It can do this because of the standard Lua libraries io and os. Now, the question is: should these libraries be removed? Yes, keeping them would be a risk, but should LÖVE really limit what developers can do?
EDIT: For the record, I'm not going to vote.
Sandboxing (poll)
- bartbes
- Sex machine
- Posts: 4946
- Joined: Fri Aug 29, 2008 10:35 am
- Location: The Netherlands
- Contact:
Re: Sandboxing (poll)
I voted no, but I actually want something in between, not completely sandboxed but preventing the program from doing too much harm.
Re: Sandboxing (poll)
I battle with this often, i know i CAN use io and os but do i really need to?
the only time i need to is when im farting around with an app idea, and love is not well suited for apps
as far as games go i see no reason for them to be there
the only time i need to is when im farting around with an app idea, and love is not well suited for apps
as far as games go i see no reason for them to be there
Re: Sandboxing (poll)
Osgeld: good point. Don't really need it for games.
Bartbes: care to elaborate?
Bartbes: care to elaborate?
Re: Sandboxing (poll)
ps just make sure you replace os.time() with something
- Robin
- The Omniscient
- Posts: 6506
- Joined: Fri Feb 20, 2009 4:29 pm
- Location: The Netherlands
- Contact:
Re: Sandboxing (poll)
I'm sure there are a few more functions that can still be useful. I would suggest creating a dummy os table, with only time() (and maybe some of the other date/time functions (or clock()? (the longer this post gets, the more it starts to look like LISP))) in it. That way, (a little) compatibility with standard Lua is maintained, mostly to minimize (game developer) confusion and rewriting.osgeld wrote:ps just make sure you replace os.time() with something
Help us help you: attach a .love.
- Sardtok
- Party member
- Posts: 108
- Joined: Thu Feb 21, 2008 2:37 pm
- Location: Norway/Norge/諾威/挪威 (Yes, I'm teh back!)
- Contact:
Re: Sandboxing (poll)
How about something like security certificates, similar to Java, where they user has to accept that a game might run evil code.
That way, people who want to use io instead of love.filesystem and os instead of, uhm, (nothing…?), can do that.
All the others can make games that are happy and safe and doesn't need the user to tell it that it may go ahead and lolify their system.
I think this has been suggested before too. Of course, you could probably skip the whole certificate things, and just ask when people run evil programs.
That way, people who want to use io instead of love.filesystem and os instead of, uhm, (nothing…?), can do that.
All the others can make games that are happy and safe and doesn't need the user to tell it that it may go ahead and lolify their system.
I think this has been suggested before too. Of course, you could probably skip the whole certificate things, and just ask when people run evil programs.
Take off every Zigg for great rapist.
Now, outgay that!
Now, outgay that!
Re: Sandboxing (poll)
the problem with people is as soon as you imply that it could be evil, it becomes massively evil to them
Re: Sandboxing (poll)
I voted Yes, but only because I lean only slightly that direction. For the most part I am indifferent.
We don't borrow, we don't read, we don't rent, we don't lease, we take the minds!
- bartbes
- Sex machine
- Posts: 4946
- Joined: Fri Aug 29, 2008 10:35 am
- Location: The Netherlands
- Contact:
Re: Sandboxing (poll)
I'm kind of thinking about making io read-only, and preferably even home only.
Who is online
Users browsing this forum: No registered users and 4 guests