lua-users home
lua-l archive

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]

Am Tue, 2 Aug 2011 20:30:25 +0200
schrieb Stefan Reich <>:

> Hello Lua people!
> I am currently realizing some ideas I have had for a long time
> regarding fine-grained customizable sandboxes.
> I had an earlier research project called "Imaginary Microcomputers"
> that explored this (parts of it still online) plus a few other
> projects. These projects yielded insights and prototypes; but what
> they lacked was the right programming language for the job.
> (Noteworthy language candidates included: Assembly, Java, Python, and
> "E".)
> There are very interesting applications for customizable, light-weight
> sandboxes that, to my knowledge, have not been realized anywhere yet.
> It all starts with a system that can run untrusted code safely. And
> then, optionally, you go on to connect running programs to each other
> in a well-defined, restricted way.
> I am happy to report that I think I have now finally found a language
> that is suitable for implementing this. As you may have guessed by
> now: It's Lua :)
> Lua seems to provide all the necessary means to create real sandboxes
> and extend/modify them the way I want. Even CPU and memory consumption
> can be limited which is an important feature that many other candidate
> languages I looked at did not provide.
> Here's the project homepage:
> I made a first release with a very simple script runner (safelua.lua)
> and two examples, downloadable from the project page.
> A general note: I don't intend to really "own" this project. I do want
> to maintain my own page about it. And maybe maintain some sort of
> steering oversight because I have a vision I want to see realized.
> Other than that, I really do welcome any and all collaboration here.
> And of course, you can always fork the thing if you feel that your
> vision is somehow cooler (hotter?) than mine :)
> In fact, if a better system exists that suits all my needs, I will be
> happy to throw mine away and use that system instead. However, I don't
> know of any such system yet.
> So, it does look like we're building something new here.
> Many components will want to be realized. A language definition for
> Safe Lua (quite simple really, it's just Lua with less globals and a
> bit of a new API). Safe Lua script runners, textual as well as
> graphical. Some simple means to combine scripts with each other.
> Standard components that take other scripts as input and/or output
> (this is where the real power of the approach begins).
> As for possible applications, here's a few:
> -Safe, portable, mobile agents
> -Execution of untrusted code without worries
> -Migrating running code from one machine to another with a single
> click -Cloning running programs with equally little effort
> -Orthogonal or semi-orthogonal persistence
> -Logging of each and all activity, including full replayability - live
> or post-portem
> -Self-unpacking data with arbitrary algorithms (procedural
> compression) -A complete "Safe Lua OS" could be developed, providing
> perfect portability and much better and easier to handle security than
> traditional OSes
> So... well well. As I said before: Contributions, questions or ideas
> will be very appreciated. (Don't flame me though... I might flame
> back! *grins broadly*)

I once made 'ulua' a suexec and chrooting lua interpreter:;a=tree;f=ulua

It is in no means polished yet, but already somewhat useful.
If you like it you can integrate this in safe-lua.


> Best regards to you all,
> Stefan Reich
> Software enthusiast / Activist of the German revolution