galad87 2 hours ago
Games are an almost perfect type of software to be run in a sandbox. The question is, why aren't they already run in a sandbox?

ux266478 an hour ago
SteamOS leverages namespaces via pressure-vessel already. The problem exists exclusively on Windows. Paravirtualized drivers introduce API incompatibility issues and decades of cumulative engine infrastructure made for Windows using the Win32 API means nobody wants to swap over to using UWP and thus AppContainers are a non-starter (and that's without getting to sacrificing Wine/Proton compatibility). The native isolation mechanisms like silos are things that require wrangling by professional sysadmins, I didn't even know they existed until I started writing this post. The real question to be asking is why is sandboxing so bad on Windows? Despite some searching, I still have no conclusive answer as to how to go about filesystem isolation in Win32-space, or if it's even possible.

Aerroon an hour ago
They are? Games need pretty much all the performance they can possibly get. Can you sandbox them without having a performance impact? Consider that people pay a $300 premium to get ~10% better performance (buying an RTX 5080 instead of a 5070 Ti). Personally I know that sometimes closing the web browser in the background makes my game run better - that web browser doesn't even interact with the game! Would a sandbox have a smaller impact?

pjc50 an hour ago
PC games tend to be the reverse: they demand control over the machine, in order to try to detect or prevent being run alongside various forms of cheating software. They also need low-latency access to the GPU, which I suspect is a fertile vector for privilege escape exploits.

1bpp 2 hours ago
Every Xbox game runs in a Hyper-V container, maybe it's not a crazy idea for PC

wao0uuno 2 hours ago
Running games on Linux via Proton provides some isolation. It’s not technically a proper sandbox though.

allthetime 41 minutes ago
They often are on macOS now. https://developer.apple.com/documentation/security/accessing...

blitzar an hour ago
Is this not just an artifact of Windows not sandboxing anything meaningfully and that itself is an artifact of punch cards?

sph an hour ago
I run Proton in Steam flatpak, as well as itch.io from flatpak. That is reasonable enough isolation for my use case.

nubinetwork an hour ago
Some anti-piracy is already a sandbox.

SuperNinKenDo 2 hours ago
I've formally studied gamedev, but haven't done anything in over a decade, but even before you get to the thorny issue of anti-cheat systems, games rely on running at a(n often very) low level and doing unconventional things. I imagine they're one of the hardest things there are to sandbox without causing massive levels of breakage. But someone more knowledgeable about either side of the equation (sandboxing and/or game development) might be able to shed more light.