In particular, this is about game extensions written in lua (luajit-2.0). I was contemplating whether I should restrict what these scripts can do, and arrived at the conclusion that I probably shouldn't:

• It's hard to get right. Sounds silly, but chances are my sandbox is gonna end up leaky anyways.

• The only benefit I could think of would be giving users some sense of security when running third party scripts.

• The disadvantages would be that it's just incredibly annoying for extension writers. That is, for now, myself (game content will be mostly scripted).

The reason I'm asking this now before I actually have anything presentable is that adding a sandbox early on is easy, but would impose said annoying restrictions on myself too. However if I first go on with it and then later decide I do need a sandbox after all, I'm gonna run into problems (I'd either have to rewrite the scripts that are already there, or introduce some form of trust management system which seems to be more trouble than it's worth).