[mopsi]

Microsoft Flight Simulator[1] is a really interesting example, because running code from third parties has been the norm for decades. Custom code for things like airplane instruments was distributed in DLL modules that had full Windows API access (file system, networking, etc) while the game was running. It's obviously a huge security risk.

So for the new version of Flight Simulator, they divided it into core game engine and "content packages" that fill the rest (airplanes, landscape, missions, other assets). Packages get loaded into a virtual file tree[2]. Packages may contain custom code, usually compiled from C++ to WASM, but the code is executed in isolated containers and it does not have access to the underlying file system. It only sees contents of its local package within the virtual file system.

As a result, the shiny airplane you bought from some online marketplace can't read your documents folder and send its contents to remote servers anymore. It remains an issue with many other games where third-party modifications ship as unrestricted DLLs, even on authoritative-looking platforms like Steam Workshop. For example, a pathfinding fix for Command & Conquer on Steam is just a DLL swap[3] - this should make security-concious people very uneasy.

[1] https://docs.flightsimulator.com/html/Programming_Tools/WASM...

[2] https://docs.flightsimulator.com/html/Developer_Mode/Menus/T...

[3] https://steamcommunity.com/sharedfiles/filedetails/?id=21371...

[int_19h]

This kind of thing was fairly common historically. For example, Quake 2 mods were DLL / .so files, depending on the platform, and modding was more common than not in multiplayer. Or the just-released Mount & Blade 2: Bannerlord, which is written in C# and runs on the full-featured .NET Framework on Windows - its mods are managed assemblies, naturally, and they run under full trust.

(And then you go meta and write a mod that compiles and loads source code at runtime: https://www.nexusmods.com/mountandblade2bannerlord/mods/1651)