[Date Prev][Date Next][Thread Prev][Thread Next]
[Date Index]
[Thread Index]
- Subject: Re: Multiple lua instances
- From: ingmar wirths <ingmania@...>
- Date: Tue, 19 Jan 2010 17:34:25 +0100
Thanks for your help so far, i guess i have to study luas sandboxing
facilities. What still gives me frown, is that these sandboxing facilities
are all implemented in lua. A user, who wants to bypass any restrictions,
could just rewrite it, i guess. Or is the idea to have some basic lua
code, the user is not permitted to modify, and load the user modified
ai in some sandbox?
I feel compelled to further describe, why this is so important to me.
In my game the user may have submarines at his disposal. As long
as a submarine is diving, the user should not be able to give any
instructions to it nor receive any messages from it. And i don't want
him to do so "through" other units resp. their ai.
In an action game, a similar idea might be used, to enforce that
units only within some range may communicate.
2010/1/19 Rob Kendrick <rjek@rjek.com>:
> On Tue, 19 Jan 2010 17:07:18 +0100
> ingmar wirths <ingmania@googlemail.com> wrote:
>
>> > Is there a specific reason you're wanting to use different states
>> > rather than the more usual sand-boxing approaches by using
>> > environment tables?
>>
>> Well, as i sad, i want to restrict communication between units and
>> provide an communication api to enforce this. A glimpse on
>> environment tables looked promising at first, but on a second
>> thought, since i want to permit the user to modify the ai, he could
>> probably easy bypass these restrictions.
>
> It's easy to provide an API to your sandboxed functions that your
> trusted Lua can process. And it can be made quite difficult to break
> out of these sandboxes. (Especially with liberal use of the debugging
> library.)
>
> B.
>