Sandboxing in Lua 5.2

lua-l archive

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]

Subject: Sandboxing in Lua 5.2
From: Alexander Gladysh <agladysh@...>
Date: Sat, 7 May 2011 12:21:51 +0400

Hi, list!

I apologize for being lazy, but can someone please summarize for me,
how environment sandboxing is to be done in 5.2? (I assume that
nothing is changed for CPU and memory sandboxing.)

In my code I heavily rely on the following pattern (pseudocode):

-- users_code.lua

foo()
bar()
baz = true
return 42

-- system_code.lua

local do_in_environment = function(chunk, env)
  arguments(
      "function", chunk,
      "table", env
    )

  setfenv(chunk, env)

  return xpcall(chunk, debug.traceback)
end

local env = -- Whitelist
{
  foo = foo;
  bar = bar;
}

local ok, result = assert(
    do_in_environment(
        assert(loadfile("users_code.lua")),
        env
      )
  )

print(result, env.baz)

Thanks,
Alexander.

Follow-Ups:
- Re: Sandboxing in Lua 5.2, Renato Maia

Prev by Date: Re: Explanation needed for setfenv replacement for Lua 5.2
Next by Date: Re: Sandboxing in Lua 5.2
Previous by thread: Re: OO in lua trouble: inherit
Next by thread: Re: Sandboxing in Lua 5.2
Index(es):
- Date
- Thread