Add a limit to the size of Plugin setting files

As a Roblox developer, it’s currently possible to save as much data as you want into a plugin’s settings file. This should probably not be the case and it should be capped at some point. Preferably at a few megabytes, since that seems well beyond what most plugins will get to.

Recently, I noticed that the size of the built-in plugin’s settings file was 800kb. After some inspection, this was because plugins that are saved locally or created with PluginManager():CreatePlugin() share the same settings file as the built in plugins and at some point a plugin had saved the entirety of the API dump json to the settings file.

Opening a file with this settings.json proved to be slow enough that it just hung Studio for a bit. I was able to make a settings file that was around 360mb before I made this post, and it hung Studio for a solid minute when it first opened a place file. I’m lucky enough to know how to fix this, but if a plugin maliciously bloated the size of the built-in settings file, it would be hard for a lot of people to fix it.

2 Likes

I don’t want Roblox to artificially limit me if I need to make a plugin that for some reason uses a whole bunch of storage. Obvious use cases are not exhaustive of all use cases.

As a contrived example, if I’m doing some computationally intensive operation with a local plugin, I might want to save computations finished so far under plugin settings so if something goes wrong or I need to exit Studio, I don’t have to restart that long-running operation.

It seems needlessly restrictive to prevent plugins from using as much data as they want; plugins can already maliciously prevent Studio from working correctly without using settings at all, so this is hardly a safety issue. This issue also somewhat limits itself; Studio will take longer to save settings the larger they get to the point it’s infeasible to abuse this. I think there’s also likely the system memory limit to prevent this from getting out of control, but I haven’t tested this.

4 Likes

Maybe a warning would be good?
“This plugin is using an unusually large amount of storage space, would you like to allow it?” Could pop up once and then you’d be done with it.

3 Likes

This seems to fall under the “plugins needs a fine grained permissions system” umbrella.

1 Like