[Date Prev][Date Next][Thread Prev][Thread Next]
[Date Index]
[Thread Index]
- Subject: Re: Loose sandbox
- From: "Patrick Donnelly" <batrick.donnelly@...>
- Date: Thu, 17 Jul 2008 15:49:01 -0600
Hi,
I made a sandbox for safe execution in IRC (about as hostile as it
gets). It has worked very well. I don't think it will suit your
purposes but there are many things you could learn from it.
http://www.unm.edu/~batrick/files/sandbox.lua
I recommend running user code in a coroutine. This offers many
benefits not least of which you no longer need to worry about
setfenv/getfenv accessing inappropriate function levels. Further, if
you set the environment of their thread (using debug.setfenv), all C
functions will use that environment. Of course, any Lua functions you
add to their sandbox will need to be protected in some way.
Good luck,
--
-Patrick Donnelly
"One of the lessons of history is that nothing is often a good thing
to do and always a clever thing to say."
-Will Durant