How stupid would it be to allow users to upload dll's for use in my application?

I’m working on a browser based unity game that also has an online editor. It occurred to me that it would be useful for users to be able to add ‘plugins’ to the editor that I’ve created. One idea that occurred to me for this was to allow users to upload DLL’s with some c sharp classes that add functionality to the editor, and then load the DLL’s associated with the current user automatically. My understanding is that the web player runs in a sandbox environment so would prevent the user from uploading code that was all that malicious. And ultimately the DLL is only run on the client machine (and not other users). I’ve run some tests and have got this basic concept working. But it just strikes me like this is a bad idea somehow. Are there any risks to this approach?

There are huge security risks since, even when it’s managed code, it can change nearly every aspect and function in the game. Since Reflection can be used even in the webplayer a foreign DLL could do any changes to the game. Of course everything happens inside the sandbox on the client machine, but it allows to change anything within your game.

It’s possible to use relfection to analyse the DLL code quite easy, however that requires your game to load the DLL first and at this point it would be too late.

I would recommend to use a scripting language like UniLUA

Would the changes be cached for that single use only, or for that ip only or would it be saved to the webserver?
If it is saved to the webserver, it could very much so be an issue of causing other players greif by adding an extremely hard level/addon or by changing base mechanics. And as you said, malicious files could be uploaded to steal info specifically.

The largest risk is processing power IMO. someone could upload an insanely intensive webserver only script that could lag and crash your server.

I hope i helped

I don’t know if it would work or not, but hiring moderators to check the DLL for malicious code may be a good idea.