We will look into providing access to ReplicatedStorage and other services that are essentially ‘folders’ under AccessOutsideWrite.
We do have plans for an API to run a function under a custom timeout, but it’s only in early design stage with problems on how to handle functions using task library methods that have to be solved.
There are other exhaustible shared resources we are considering and there will probably remain a way to escape a resource limit; our aim is to prevent unrecoverable data changes from being made.
We have something for this use case planned and will share details later.
New Audio APIs are available using the Audio capability.
Unfortunately, capability for legacy sound APIs was added a bit late for the current release and will come in an update.
Giving access to folder-like services via AccessOutsideWrites would essentially bring back a game I previously had to shut down due to scripting vulnerabilities (abuse of Ban API, InsertService, etc.) without having to tell hundreds of its creators (most of whom will have moved on) to update their maps.
Please make this happen
Modules required with require(id) seem to escape the sandbox of the requiring script’s container.
I was able to ban myself with Players:BanAsync() using only the RunServerScript and AssetRequire capabilities.
Using getfenv or setfenv is entirely broken when sandboxed even when allowing all permissions. Is this intentional due to its environment-changing nature? Because I had the environment sandbox option turned on.
The current thread cannot call 'getfenv' (lacking capability Unassigned)
Yes, getfenv and setfenv are not available because they break out of our Sandbox.
Will this prevent exploiters from inserting scripts into places like CoreGui?
Hey there, I was acc reading about this lol
So does this exactly prevent exploiters fully?
This feature has nothing to do with exploits
Noticed I can no longer call game:getdescendants() without an error.
“The current thread cannot access ‘StreamingService’ (lacking capability Assistant)”
I currently do this to iterate through all parts of the game in order to properly set up sounds, clean up some welds, etc. Feel like this behavior doesn't need to break; rather, it should just not iterate over stuff like StreamingService.
Still a problem! When’s the next update?
StreamingService issue is not exactly related to this feature, that issue should now be fixed.
Unfortunately, the fix has gotten delayed and won’t be available next week, but sandboxing propagation to require(id) module execution is ready and should come out in version 654.
Unfortunately I’m still experiencing this bug, which makes it very hard for me to implement what I want to do with this feature.
Seems there is a sandbox breakout method with Tool instances as they will reparent to the characters.
SandboxBreakout.rbxl (58.1 KB)
This breakout method works with RunServerScript enabled or disabled (you just have to pick up the tool before the 8 second timer runs out with RunServerScript enabled)
Not sure how this could be fixed in this case, anyone using this feature would have to blacklist tools manually.
EDIT:
This may also apply to anything else that gets parented on touch with standard humanoid characters, such as hats.
That opens insane potential to a modding with user-experiences!
That would be amazing if you could configure script capabilities during runtime or either during inserting a model there, so people don’t access areas in the game that you don’t want to!
Ability to allow or ban certain services would be also amazing!
@WheretIB
Since Sandboxing is a thing now. Roblox should remove the restrictions on InsertService.
People do want this and now that we have Security Restrictions for scripts in place I say we bring back InsertService and Allow people to insert free models without having them added to their inventory:
Thank you for the report, we will have an update to handle that!