Leaderboard

Our mods are also sandboxed, and shouldn't be able to get access to random files, or get access to system memory. So at most they would be able to crash the game. But it all depends on how good the sandboxing is. It's easy to have a bug that suddenly does expose parts of the filesystem or memory. That said, SpiderMonkey is made to execute scripts from unknown origin (scripts from webpages), so the sandboxing on their side should be done quite well.

Considering the amount of positive feedback here and in the staff meeting I've committed it in r18420

Signing stuff won't make it easier to make mods, but will indeed increase security. As with anything, security must be balanced with ease-of-use.

Yes, there's a crude outline to what should happen: One of the first things is making it possible to install mods by just opening a *.pyromod file with 0 A.D. (instead of copying the files manually to the right place, which causes some confusion). Then the lobby should also display the installed mods, and possibly link to a page defined in the metadata. And a final step would probably be to enable direct downloads (if that doesn't give a security issue).