-
Notifications
You must be signed in to change notification settings - Fork 101
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Cloud Console Opt in #556
Comments
This is a great idea. I think it should also apply to workspaces since that can also allow 'the cloud' to run code on the local device even if it's a bit more roundabout. I think things on the technical side are in a decently secure state right now (the app should only be trusting stuff coming from a secure connection to ballistica.net) but it would be good to guard against social engineering sort of attacks too. ("hey stranger; log in with this username/password and check out my cool mods!") Maybe the app can keep a list of which account ids are 'trusted' and pop up a big scary allow/disallow dialog before allowing cloud-console commands or workspace syncing from a not-yet-trusted account-id?.. or any thoughts on a better mechanism? |
first of all: thanks for the amazing game! Lots of fun :D
and thanks for the enormous mod friendliness.
Description
By default the game accepts code from the cloud. I think that's kind of scary. There is no need to have this enabled by default.
If I understand correctly, you have to trust the server. I think this is unnecessary.
Solution
in the settings > advanced window could be a checkbox to allow code from the cloud.
every mod developer can go this small extra step in my opinion
Alternatives
I see the great potential of this cloud modding / debugging feature and don't want it gone.
Additional context
some mockup code i imagine:
The text was updated successfully, but these errors were encountered: