lua-users home
lua-l archive


On Tue, 19 Jan 2010 20:32:01 +0300
Bulat Ziganshin <bulat.ziganshin@gmail.com> wrote:

> >     setfenv(sandboxed_function, { print = print })  
> 
> Here the body of sandboxed_function should be considered as an example of
> a script written by the user.
> It can define functions and call functions provided in fenv, but
> nothing more. It's the whole idea - you give the user access only to some
> set of functions. If you don't include here functions that load
> external C libraries or directly modify memory, then it's impossible
> to run out of your sandbox. Everything that the user can do is to call
> provided functions with some arguments.

They can still loop for ever, and DoS you in a few other ways, though.
That's why the debug library is needed for extra security.  (You can
use it to define how long a function can run for.)

B.
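
The two points in this message combined, as an added example that is not code from the thread: a whitelist environment set with `setfenv`, plus a `debug.sethook` count hook that aborts a script once it has used up an instruction budget. It assumes Lua 5.1 (where `setfenv` and `loadstring` exist); `run_sandboxed`, `MAX_INSTRUCTIONS` and the sample scripts are hypothetical names and constructed inputs.

```lua
-- Added example for Lua 5.1; run_sandboxed and MAX_INSTRUCTIONS are
-- hypothetical names, and the budget value is an assumption.
local MAX_INSTRUCTIONS = 1e6  -- VM instructions allowed per script

local function run_sandboxed(source, chunkname)
  -- Accept source text only: precompiled chunks start with ESC (byte 27)
  -- and Lua 5.1 does not validate bytecode safely.
  if source:byte(1) == 27 then
    return false, "bytecode not allowed"
  end

  local chunk, err = loadstring(source, chunkname)
  if not chunk then
    return false, err  -- syntax error in the user script
  end

  -- Whitelist environment, as in the quoted message: only print is visible.
  -- pcall and coroutine are deliberately left out, so the script can neither
  -- catch the hook's error nor start a thread that has no hook installed.
  setfenv(chunk, { print = print })

  -- Run the script in its own coroutine and attach the hook to that thread
  -- only, so the host's own code is not counted against the budget.
  local co = coroutine.create(chunk)
  debug.sethook(co, function()
    -- Fires once MAX_INSTRUCTIONS VM instructions have run in this thread.
    error("instruction budget exceeded", 0)
  end, "", MAX_INSTRUCTIONS)

  -- resume returns false plus the message when the hook (or the script) errors.
  return coroutine.resume(co)
end

-- Constructed sample scripts: one well-behaved, one that loops for ever,
-- one that reaches for a global that is not in the environment.
local samples = {
  { name = "ok",     src = 'print("hello from the sandbox")' },
  { name = "spin",   src = 'while true do end' },
  { name = "escape", src = 'os.exit(1)' },
}

for _, s in ipairs(samples) do
  local ok, msg = run_sandboxed(s.src, s.name)
  print(s.name, ok, msg)
end
```

The count hook only fires while the Lua VM is executing bytecode, so any C function placed in the environment that can run for a long time on script-controlled input is not bounded by it. Memory use is not limited by this hook either.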