Skip to main content

Indie game storeFree gamesFun gamesHorror games
Game developmentAssetsComics
SalesBundles
Jobs
TagsGame Engines

Sandbox mode but why?

A topic by Deleted Account created May 16, 2017 Views: 2,066 Replies: 1
Viewing posts 1 to 2
Deleted post
(2 edits) (+7)

Hi!

That's a great question, thanks for posting it.

Let me compare itch.io to YouTube for a second: YouTube is an open platform: anyone can upload anything, there's no "vetting" or curation going on ahead of time. Offensive or dangerous content can be reported by users and taken down by the staff.

Someone could try to upload a malicious video to YouTube (video decoders are notoriously fragile), so they have measures in place to avoid that. For example, they re-encode videos. Your web browser (in which most videos play) also features a sandbox, among other security features. This lets anyone upload anything, and anyone play anything legitimate without any problems.

The goal of the sandbox is for us to remain open, while keeping our players safe. Legitimate games should play without any problems within the sandbox, and malicious ones should fail to act maliciously - within the sandbox, they effectively see an empty computer, with just the game on it.


"Vetting" content is another way to do things, but it doesn't address all potential security scenarios. If we take Steam, for example - developers upload their games using steamcmd, a command-line tool similar to our own butler. One notable difference is that if you want to automate uploads with steamcmd, you have to put your Steamworks username and password in clear text (unencrypted) in a file on your computer. This could easily be stolen by a malicious person or a malicious piece of software. It could then be used to upload a modified version of a popular game, and just like that, a hundred thousand players would be infected. This is a much more promising vector for malware authors than trying to come up with a completely unknown, malicious game, and try to earn enough trust to get it installed by players.

In summary: manual review (vetting), automatic review (antivirus), and sandboxing are all different layers of security, and the latter catches thing the other two will completely fail to detect.

I hope this answers your question!