Re: Survey of lua sandboxes?

lua-l archive

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]

Subject: Re: Survey of lua sandboxes?
From: Nevin Flanagan <Alestane@...>
Date: Tue, 27 Dec 2011 08:41:07 -0500

On Dec 26, 2011, at 2:44 PM, hollyrosella@hushmail.com wrote:

Hi, everyone. Is lua used in any applications as a sandbox for untrusted code? I'm trying to justify my own choice of lua for this purpose, so especially cases where people would really like to break out of the sandbox would be nice to know about .

Holly

For the third World of Warcraft expansion, Daniel Stephens and I wrote a fairly rigorous sandbox to allow untrusted code to run with elevated privileges but tightly restricted information (sort of the inverse of a typical sandbox), but most of the same principles should apply. The core of it can be seen at https://github.com/tekkub/wow-ui-source/blob/live/FrameXML/RestrictedExecution.lua, and supporting files are in same directory.

Nevin Flanagan

References:
- Survey of lua sandboxes?, hollyrosella

Prev by Date: Re: Survey of lua sandboxes?
Next by Date: Re: Survey of lua sandboxes?
Previous by thread: Re: LuaJIT ported to SH4
Next by thread: Re: Survey of lua sandboxes?
Index(es):
- Date
- Thread