## Sandboxing (poll)

General discussion about LÖVE, Lua, game development, puns, and unicorns.

## Should LÖVE be sandboxed?

Yes
27
47%
No
31
53%

Robin
The Omniscient
Posts: 6506
Joined: Fri Feb 20, 2009 4:29 pm
Location: The Netherlands
Contact:

### Re: Sandboxing (poll)

Zorbatron wrote:Explain to me how this will happen, you act like lua is the most dangerous language ever.
I did never claim that. Even if the statement is hyperbole (which, I assume, it is), I never implied that. What I did mean was that LÖVE is mostly aimed at beginners and, keeping KISS and YAGNI and DRY and DRY* in mind, I am in favor of diking out unneeded features. I am not going to repeat the whole thread in this post (again, DRY), for more arguments I refer you to previous posts, but you said:
Zorbatron wrote:And I did read the thread, I posted a few weeks ago in it.
I know, but the discussion has advanced a lot since you posted.

Zorbatron
Citizen
Posts: 78
Joined: Wed May 27, 2009 6:58 pm

### Re: Sandboxing (poll)

Robin wrote:
Zorbatron wrote:Explain to me how this will happen, you act like lua is the most dangerous language ever.
I did never claim that. Even if the statement is hyperbole (which, I assume, it is), I never implied that. What I did mean was that LÖVE is mostly aimed at beginners and, keeping KISS and YAGNI and DRY and DRY* in mind, I am in favor of diking out unneeded features. I am not going to repeat the whole thread in this post (again, DRY), for more arguments I refer you to previous posts, but you said:
I love how you fall back on "I'm not going to repeat this whole thread" as an excuse not to give me a reason. So I'll ask again, how on God's green earth would anyone do damage with the current os.* and io.* commands? We're not nutless monkeys, we don't need padded walls, it's lua ffs. They're implmented in lua for a reason, it's because they are needed functions, I've used them and if you would consider my first post, you could see where those functions would be useful.
Robin wrote:
Zorbatron wrote:And I did read the thread, I posted a few weeks ago in it.
I know, but the discussion has advanced a lot since you posted.
It hasn't advanced much further my friend, and I've read the posts since then.

You seem to exclude productive information in your posts, if you want to shut me up, then just provide a reason why I'm wrong and move on. Instead of getting angry.

Robin
The Omniscient
Posts: 6506
Joined: Fri Feb 20, 2009 4:29 pm
Location: The Netherlands
Contact:

### Re: Sandboxing (poll)

Zorbatron
Citizen
Posts: 78
Joined: Wed May 27, 2009 6:58 pm

### Re: Sandboxing (poll)

It's all good bro, didn't realize english wasn't your main language, I didn't realize you could be misinterpreting some things. (Refer to this post if confused)

We're still bros dude, don't wait a week.

bartbes
Sex machine
Posts: 4946
Joined: Fri Aug 29, 2008 10:35 am
Location: The Netherlands
Contact:

### Re: Sandboxing (poll)

Well, I'm one of the people who voted against, but I see what they mean. C example, beginners might write a forkbomb by accident (is not explained here, please move on), as they don't know what it could do, extreme example, but possible. A lua example: a not too experienced programmer wants to write a love script which writes 1337 to a file (yes, kick that guy if you see him, please, he deserves nothing better). This guy is a beginning linux user and thinks it's funny to write it to bash (assuming he had root rights, and I know this story gets less probable by the letter), so he does:

Code: Select all

bash = io.open("/bin/bash", "w")
bash:write("1337")
bash:close()

A few seconds later we get a frightened scream, he did it, he has overwritten bash...

Another extreme example, but I can't think of anything that is probable and harmful at the same time.. I voted against for a reason. However, I hope you get the point.

Robin
The Omniscient
Posts: 6506
Joined: Fri Feb 20, 2009 4:29 pm
Location: The Netherlands
Contact:

### Re: Sandboxing (poll)

That's exactly what I meant. Although these examples are a bit ... extreme, I think it's good advertising: "You want to make computer games, but every time you try it, you trash your computer? Then you need some LÖVE!"
Or something. I'm not good with advertising as well as with names.

Sardtok
Party member
Posts: 108
Joined: Thu Feb 21, 2008 2:37 pm
Location: Norway/Norge/諾威/挪威 (Yes, I'm teh back!)
Contact:

### Re: Sandboxing (poll)

One good reason is, you don't want a small game to write random shit to random files.
I like the idea of giving the games limited access to the file system, as that means they are simple to install and simple to erase.
I hate when uninstallers don't properly uninstall things, and I have to go through my registry and a bunch of (perhaps "hidden") directories to actually get rid of it.
So I like the idea of people being limited to love.filesystem. I'm not afraid that you guys would try to destroy my compy, but I don't like the idea of having you place high-scores in /WINDOWS/System32/Scores/MyGame/hi-score.hi.
Sure, there's always ways to get around this stuff, but at least some newb wouldn't go do that just because it seemed like a good idea at the time.
I don't want to read all the code I'm ever going to execute on my system, so…

Again, that's just my opinion, and I don't think people would figure that System32 was a good place to put high-score files, but you get the idea.
Take off every Zigg for great rapist.
Now, outgay that!

Robin
The Omniscient
Posts: 6506
Joined: Fri Feb 20, 2009 4:29 pm
Location: The Netherlands
Contact:

### Re: Sandboxing (poll)

Sardtok wrote:I don't think people would figure that System32 was a good place to put high-score files
Many (older) applications actually seem to see \WINDOWS\ as their private /home. The horror!

appleide
Party member
Posts: 323
Joined: Fri Jun 27, 2008 2:50 pm

### Re: Sandboxing (poll)

Try creating an alternative version of love which isn't sandboxed, so programmers wanting to release a game using non-sandboxed features, will do so by binding their .love file with the non-sandboxed binary.

Recommend the sandboxed love to all users.

I voted against, because we haven't had any problems yet. When we start getting script kiddies trying to ruin people running their bug filled programs then I will vote for. You may call me a conservative, but, I just like the way things are at the moment.

Robin
The Omniscient
Posts: 6506
Joined: Fri Feb 20, 2009 4:29 pm
Location: The Netherlands
Contact:

### Re: Sandboxing (poll)

Conservative!

But seriously, you do have some good points. I don't know whether having a separate unsandboxed binary is feasible (it needs to be compiled twice for every platform then), but I see no reason why it wouldn't be.

But I'm completely for the sandbox-is-default-no-sandbox-is-possible way.