Specifying a mod's communications #247
-
I did bring this up in another discussion, but there would be a lot to track in this case. Some mods could contact the internet through system libraries, embedded mods that are modified versions of other mods, or just use the internet after a certain date, all of which might produce misleading information. I think that this could be done instead by listing embedded libraries and mod files (instead of relying on the developer not forgetting to list them as dependencies), while also making it clear that all URLs found within the JAR file are not representative of what IPs the mod file could be calling. I'm pretty sure the sandboxing discussion is less about running JARs in a secure environment to see what they try to do, and more about protecting the user by disallowing mods from touching anything except for a list of allowed domains and files.
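The inventory suggested in this comment could look like the following (an added example, not part of the original thread and not Modrinth's code): it recursively lists JARs embedded in a mod file and the URL literals found in each entry. The sample JAR, its entry names and the `.invalid` hosts are constructed, and the size and depth limits are assumptions.

```python
import io
import re
import zipfile

URL_RE = re.compile(rb"https?://[A-Za-z0-9._~:/?#@!$&'()*+,;=%-]+")
MAX_DEPTH = 4            # assumed limit on archive nesting
MAX_ENTRY = 64 * 2**20   # assumed cap per entry, guards against zip bombs

def inventory(jar_bytes, path="mod.jar", depth=0, out=None):
    """Recursively list embedded JARs and URL literals inside a JAR.

    The URL list is a lower bound: hosts built at runtime or reached
    through system libraries never show up as literals.
    """
    out = out if out is not None else {"embedded": [], "urls": []}
    with zipfile.ZipFile(io.BytesIO(jar_bytes)) as zf:
        for info in zf.infolist():
            if info.is_dir() or info.file_size > MAX_ENTRY:
                continue
            data = zf.read(info)
            inner = f"{path}!/{info.filename}"
            is_jar = info.filename.lower().endswith(".jar")
            if is_jar and zipfile.is_zipfile(io.BytesIO(data)):
                out["embedded"].append(inner)  # bundled, declared or not
                if depth < MAX_DEPTH:
                    inventory(data, inner, depth + 1, out)
                continue
            for m in URL_RE.finditer(data):
                out["urls"].append((inner, m.group().decode("ascii")))
    return out

def make_jar(entries):
    """Build a JAR (zip) in memory from {entry name: bytes}."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, data in entries.items():
            zf.writestr(name, data)
    return buf.getvalue()

def sample_mod():
    """Constructed sample: a mod JAR bundling a library JAR it does not declare."""
    lib = make_jar({"lib/Http.class": b"\xca\xfe\xba\xbe..https://telemetry.example.invalid/v1\x00"})
    return make_jar({
        "fabric.mod.json": b'{"id": "sample", "depends": {}}',
        "com/sample/Update.class": b"\xca\xfe\xba\xbe..https://updates.example.invalid/check\x00",
        "META-INF/jars/httplib-1.0.jar": lib,
    })

if __name__ == "__main__":
    report = inventory(sample_mod())
    for entry in report["embedded"]:
        print("embedded:", entry)
    for entry, url in report["urls"]:
        print("url literal:", url, "in", entry)
```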
-
I am currently running my Minecraft inside of a bubblewrap jail, and I am pretty happy with it. Then again, the issue is making this stuff compatible with Windows as well. Doesn't the JVM provide some configurable sandboxing capabilities? It may be worth taking a look into that. I wouldn't rely on it, but it's better than nothing.
-
I've heard that the developers are looking into sandboxing as a measure against viruses being uploaded to the site.
I have an idea, inspired by a feature of VirusTotal, that may add some peace of mind to users, should Modrinth have sandboxing: if a mod attempts to make any communication through the internet, specify the IP addresses and domains it tries to connect to in the mod's page, in a separate "security" tab.
There should also be a tag for mods that do not attempt to make any internet communication, so users could know that they're more likely safe to download.
Further expanding the idea, a mod's security tab could show advanced users what other mods the mod attempts to communicate with, and in what way. This is because mods might be able to exploit other mods for external communication, such as Mod Menu checking for mod updates.