Increase ProjectSettings Security on Export

[atlasapplications]

Partially implemented by godotengine/godot#76161 but with a few key differences.

Overview

1. Have an option for disabling override.cfg for exported projects as a project setting that cannot be changed once exported. This should be independent of the pck encryption setting.
2. Under Application then Config for the Godot Project Settings there's a Project Settings Override where a path can be given for any file that can serve as an override.cfg. This can be useful especially for project settings that are only read on startup and cannot be changed at runtime. However, there should be an option for specifying a pass that, if filled out, is the pass for encrypting and decrypting this custom .cfg file.
3. Basic security features such as making res:// read-only on export is purely done for maintaining project integrity so this should fall in line with Godot's design philosophies.

Why is this necessary?

I've found that I need to specify a custom override.cfg in the user:// folder to switch from Vulkan to OpenGL on devices that don't support all the features that Vulkan requires for startup. My specific use case is that most devices support Vulkan but if it's detected that Vulkan doesn't work on the intended device, then OpenGL is a fallback. I'm only aware of the renderers being modifiable on startup from a configuration file like override.cfg.

The current implementation of these designated configuration files come with risks. The main one being arbitrary modification of them by a user. Right now they can only be stored in plain text and there's no way to encrypt or obfuscate. I'm aware there's no fool proof way to guarantee that a user will never be able to modify the file but right now it's too easy.

Why is arbitrary modification of configuration files a big deal?

It allows the user to potentially encounter undefined/unintended behavior. This can lead to crashes, graphical glitches, or simply just an experience that the developer did not intend. I'm not referring to player freedom concerning gameplay as that is a completely different topic, but more about the technical characteristics of the game itself.

[bruvzg]

See godotengine/godot#76161

[atlasapplications]

Thank you for mentioning that. As noted on line 1 this proposal is partially implemented by that pull request but there are some important differences. The main thing being that some of the above functionality is coupled with encrypting the PCK files. I feel these features should be independent of each other since one may want to disable override.cf but not necessarily compile their export templates from source.

[Calinou]

I've found that I need to specify a custom override.cfg in the user:// folder to switch from Vulkan to OpenGL on devices that don't support all the features that Vulkan requires for startup.

You can also start the project with the --rendering-method gl_compatibility command line argument, which can be provided with Steam launch options or .bat files.

[atlasapplications]

The target platforms for this project are iOS and Android so unfortunately .bat files and Steam launch options aren't applicable. However, with more research, I did notice that the OS class has create_instance which does accept command line arguments. The documentation states that this is implemented on iOS and Android so I will test if this is something that works as expected. Thank you Calinou!