Hey there, I recently became aware of the shared Roblox Global, and the documentation states that it “serves the exact same purpose as _G.” Does it serve any different purpose? Is it something that’s deprecated or preferred to _G or the opposite?
I’ve also heard much discourse on how _G is insecure (without hearing much about exactly what is insecure, other than race conditions and people’s problems with global variables), and was wondering if shared shares the same vulnerabilities or was maybe more secure than _G? If anyone who is knowledgeable can answer, then I’m interested in hearing what the difference is.
They are the same thing. People say it is insecure because exploiters can then easily change your values, since it’s in there. But, exploiters can view all your client-sided scripts and their memory anyways, so I don’t really care.
-- exploit:
_G.Value = true -- This is not changing yours
getrenv()._G.Value = true -- This is changing yours
_G isn’t really insecure for the reasons @bluebxrrybot mentioned, but using global variables might indicate a structural problem with your code as many people mistakingly use them like module scripts.
This is how I view it. If you’re using global variables in the way that you expect people to use _G, then there is likely a problem with your script structurally, and you have strayed too far away from the tried and true OOP approach.
It is said to be insecure because it causes programmers to make mistakes and misuse them more easily than local variables.
A programmer might use the global variable one way in one place and a different way in another place, just because he forgot how he used it in the first place.
It is also possible that a programmer does not know exactly how that variable is being initialized.
But this is only valid from the point of view of programming in general. When using a programming style it is very different.
For example in OOP, they are generally not used (because of the logic of the paradigm itself) and when they are, it is tried that they are immutable (that cannot be changed) what minimizes the insecurity.
in data oriented programming (DOP) they are used a lot because there is a well defined logic of how they should be used and they do not usually cause problems.