lua-users home
lua-l archive

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]

On 22-Aug-05, at 7:38 PM, Alain wrote:

I am not sure that sandboxing can help me: I will have one lua state for each screen, many objects will have scripts that are executed according to screen events and may affect variables global to that screen/Lua-state. This should be protection enough because the sum of those events make the application. If I sandbox one script, it will not interact with the rest of the screen, at least this is what I understand.

That is one definition of sandbox, but the one that is being used here is a rather simpler one. We're not talking about separating two different environments. We're talking about setting up one environment, which is a protected environment. A sandbox.

There are two easy things you can do:

First, don't load libraries you don't need. Then no-one can use them. If you don't want any os interfaces, or any io, then simply take out the call to luaopen_os. Take out luaopen_debug. Then the functions plain and simply do not exist.

Alternatively, if you want to still let them call os.clock, but you don't want them to call os.system, just execute this code before you run any script:

os.system = nil

Then it's gone. (Or you could edit it out of the luaL_reg structure in the source code, so that it was never there in the first place.)

you can remove an entire library that way:

os = nil

So put down that book on yacc :) and just do it the simple way.