As a Roblox developer who works with a large team, it is currently too hard to manage permissions without major holes in our security. Permissions provided by groups are too limited:
That last option is essentially a switch between not being able to work on any games at all and having unlimited permissions to do anything. For a team comprised of members with specific roles, there are dozens of entry points for a bad actor to wreak havoc on the group’s games.
Essentially, as anybody who has read up on OpSec will tell you, it’s important that each employee should only have access to what they need to do their job - anything more is a security flaw. A modeler does not need access to the source code or game settings, for example. Roblox should have extremely granular permissions settings on a per-place level.
Here are a few essential permissions to get started:
Can build Can read source code Can write source code Can publish game (different from saving) Can change game settings Can change security settings Can change permissions Can edit monetization products Can create monetization products Can read from datastores Can write to datastores Can use in-game developer console Can view live stats Can view developer stats Can view revenue stats Can view place configuration Can configure place Can view game configuration Can configure game Can configure localization Can shut down servers
To address an inevitable concern: Yes, these settings may be unintuitive, but there’s probably a way to implement them that keeps the configuration process simple for casual devs. Perhaps a toggle between Simple and Advanced settings? I’ll leave implementation details up to the engineers.
If Roblox is able to address this issue, I could sleep much more soundly at night knowing a compromised team member’s account could only do limited damage.