more tech musing
i wonder if it'd be possible to have some kinda permissions based embeddable runtime for stuff like games to include as part of their modding platforms. ideally you'd formally verify it in some meaningful way so that games using the runtime can know that untrusted code from arbitrary mods the player downloaded won't be able to do anything unscrupulous, like store huge data or connect to the internet, without their express consent
im sure there's problems with this idea tho lmao
more tech musing
i just think it'd be lovely if it could be easier to share small pieces of code in a trustable way
both among users and among applications themselves! i could imagine some scenarios where it might behoove an app to programmatically tell another app "hey run this on the data i'm gonna send you", an operation which is incredibly dangerous at present but would be useful if it could be made safer
idk. there's a reason i didn't go into software security haha
more tech musing
@typhlosion you might find Garry's Mod interesting, it has a Lua interface for custom content.
more tech musing
@gulfie i mean, plenty of games have lua interfaces. the problem with lua, and really with any embedded runtime i know of, is that untrusted lua code run unchecked can potentially run arbitrary system commands and store arbitrarily large files and do all kinds of other nasty things if it's malicious
more tech musing
@typhlosion @gulfie yeah lua wouldn't be suitable for running on consoles for that reason
I think the Xbone version of Fallout 4/Skyrim SE does allow for some changes to be made within the game's scripting framework - most of the things you can do on PC without the Skyrim Script Extender/FO equivalent, I believe.
(The PS4 versions are more locked down, so mods there are more visual changes or stat adjustments)
more tech musing
@typhlosion to be clear, when you join a Garry's mod server, about half the time you will get a bunch of custom Lua scripts that get downloaded and executed safely in some sort of sandbox.
re: more tech musing
@typhlosion this sounds extremely doable with a good capability security model
unfortunately i have no idea whether a good capability security model has ever actually been implemented
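A sketch of what the capability model described above could look like for a mod runtime, added here as an illustration and not code from anyone in the thread or from any game: the host hands a mod only the capability objects its manifest was granted (quota'd storage, consent-gated network), so there is no ambient authority to reach for. The `Storage`, `Network`, `run_mod` names and the 64-byte quota are invented for the example, and it models only the granting side; keeping the mod's code from escaping the host API is a separate problem it does not solve.

```python
from dataclasses import dataclass, field
from typing import Callable

class CapabilityDenied(PermissionError):
    """Raised when a mod attempts something it was never granted."""

@dataclass
class Storage:
    """Storage capability with a hard byte quota (the 'store huge data' concern)."""
    quota_bytes: int
    blobs: dict = field(default_factory=dict)

    def put(self, key: str, data: bytes) -> None:
        used = sum(len(v) for k, v in self.blobs.items() if k != key)
        if used + len(data) > self.quota_bytes:
            raise CapabilityDenied(f"quota of {self.quota_bytes} bytes exceeded")
        self.blobs[key] = data

@dataclass
class Network:
    """Network capability that asks the player before every connection."""
    consent: Callable[[str], bool]  # host-supplied prompt; True means approved

    def fetch(self, url: str) -> bytes:
        if not self.consent(url):
            raise CapabilityDenied(f"player refused network access to {url}")
        return b"<response elided; a real host would perform the request here>"

def run_mod(entry: Callable[..., object], **granted) -> object:
    """Call a mod with exactly the capabilities its manifest was granted.
    Anything not passed in (files, os, sockets) is unreachable through this API."""
    return entry(**granted)

def denied(action: Callable[[], object]) -> bool:
    """True if the capability layer stopped the action."""
    try:
        action()
        return False
    except CapabilityDenied:
        return True

def demo() -> tuple[bool, bool, bool]:
    """Constructed scenario: a settings mod granted 64 bytes of storage, no network."""
    store = Storage(quota_bytes=64)
    saved = run_mod(lambda storage: storage.put("prefs", b"difficulty=hard") is None, storage=store)
    quota_held = denied(lambda: store.put("dump", b"x" * 1000))   # oversized write refused
    net = Network(consent=lambda url: False)                       # player declines prompt
    consent_held = denied(lambda: net.fetch("https://example.invalid/telemetry"))
    return saved, quota_held, consent_held
```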
re: more tech musing
@00dani seL4 has a formally verified one! but that's a microkernel. that's perhaps a bit out of scope
more tech musing
like, in order to do it properly you'd have to also trust that untrusted mod code can't exploit the interface between the mod platform runtime and the rest of the game to do something unscrupulous, and ugh
but im not trying to build a secure kernel here, just tryin to offer a bit more peace of mind, i guess. but then why go to the trouble of formal verifidhwhcujdjejebfjsjuydhcnkr