On Mon, Aug 22, 2005 at 10:58:25PM -0300, Alain wrote:
> That is ok and most of the time works. Users most of the time have a way 
> of transforming a situation, and then is when I don't trust them.
> 
> If a user can say: "The specs say it is Lua code, this is Lua code so it 
> should work for you too". That is when they get most aggressive. When I 
> can say that it is *not* Lua, but something with special limitations and 
> if I can enforce such limitations, then I *can*trust* the users because 
> they have no ground for arguing.
> 
> In the last years, I learned some interesting things about users: if 
> they think that they will get away with it, they will try to break it. 
> If they feel that you can catch them (audit logs, video recordings) then 
> they don't even try.

So, replace all the 'dangerous' functions with:

function os.execute()
	emailSysAdmin()
	print [[
This function is disabled. You are very bad for trying to use it. The
system administrator has been notified. Big brother is watching.
]]
end

If you run Lua with a sandbox, it /is/ a restricted version and you
/can/ enforce that. And you /can/ tell your users it's a restricted
version. Why are you so convinced that sandboxing won't do what you
want?

-- Jamie Webb
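
The stub-and-notify idea from this message, combined with a whitelist environment, as an added example that is not part of the original post. It assumes Lua 5.2 or later (load with an environment argument); audit_log, denied, make_env and run_restricted are hypothetical names, and the in-memory log stands in for the post's emailSysAdmin().

```lua
-- Added example (not from the original post). Requires Lua 5.2+.
local audit_log = {}  -- stand-in for emailSysAdmin(): records every attempt

-- Build a stub that records the attempted call and then fails loudly.
local function denied(name)
  return function(...)
    audit_log[#audit_log + 1] =
      { func = name, nargs = select("#", ...), time = os.time() }
    error(name .. " is disabled in this restricted environment; attempt logged", 2)
  end
end

-- Whitelist environment: the chunk sees only what is listed here.
local function make_env()
  local env = {
    print = print, pairs = pairs, ipairs = ipairs, type = type,
    tostring = tostring, tonumber = tonumber, select = select,
    string = { format = string.format, sub = string.sub, len = string.len },
    math = { floor = math.floor, max = math.max, min = math.min },
    table = { insert = table.insert, concat = table.concat },
    os = { time = os.time, date = os.date },
    io = {},
  }
  -- 'Dangerous' names stay visible but resolve to audited stubs.
  for _, n in ipairs { "execute", "remove", "rename", "exit", "getenv" } do
    env.os[n] = denied("os." .. n)
  end
  for _, n in ipairs { "open", "popen", "lines" } do
    env.io[n] = denied("io." .. n)
  end
  for _, n in ipairs { "load", "loadstring", "loadfile", "dofile", "require" } do
    env[n] = denied(n)
  end
  return env
end

-- Run untrusted source text; mode "t" refuses precompiled bytecode.
local function run_restricted(source)
  local chunk, err = load(source, "=user", "t", make_env())
  if not chunk then return false, err end
  return pcall(chunk)
end

-- Constructed sample input: one allowed call, one disabled call.
local ok, err = run_restricted('print(string.format("%d items", 3))\nos.execute("ls")')
print(ok, err)
for _, e in ipairs(audit_log) do
  print("AUDIT", e.func, e.nargs, os.date("%c", e.time))
end
```

String methods reached through the string metatable (for example `("x"):rep(n)`) bypass the `string` table in this environment, so a real deployment also has to decide what to do about them and about CPU and memory limits.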