With the ongoing implementation of game security measures, developers are finding a greater pool of potentially abusive services disabled or restricted by default. Examples include HttpService, TeleportService and MarketPlaceService.
This is great as it limits potential attack vectors for malicious applications (plugins, models, etc), however it comes with one major caveat: there is no way to whitelist desired applications.
The current limitations negatively impact both developers and application creators:
-
Developers are forced into a situation of ‘all or nothing’ - provide the ability for a trusted application to function completely, however disable security settings globally in the process, enabling potentially malicious applications to continue.
-
Application creators are limited in what they can create, and often find developers are less willing to use their application when it depends upon necessary, but restricted, services.
To solve this:
-
For application creators, provide a place for them to specify which restricted services they wish to access.
-
When a user inserts a model or plugin which utilises restricted services into their game, a pop-up appears in studio highlighting these services, and enabling the user to approve of reject them. These restrictions can then be viewed and configured in a secondary location (such as Game Settings) within studio for a later date.
This could function similar to the Google Play Store permission system for instance:
