lua-users home
lua-l archive

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]


On 19 Apr 2012, at 11:17, forum wrote:

> How can I run a safe sandbox from within a c/c++ application?

Can you explain what it is you actually mean by safe? This will vary a lot depending on the environment in which you're running the lua code.

> Yes I have read it. The point being just run an env without them.

Like others have said, if you don't want the io library, don't open it. However, that is not really safe at all, you also most likely need to not load the os library, or the debug library. Also if you're loading the package library, then you'll need to think about require(), and package.loadlib(). Also in the basic library, there are probably clever ways to parse the error returned by loadfile for partially reading files.

Amongst other things, we use lua as a data description format. When parsing data we don't load any libraries at all:

std::string script = data;
lua_State *l = luaL_newstate();
luaL_loadstring(l, script.c_str());
lua_pcall(l, 0, 0, 0);
//Examine the global state for the vars we want 

Obviously that needs some error checking.

Even with that, we have to consider the consequences of users doing silly things like allocating too much RAM or entering an infinite loop.

Creating a `safe sandbox' to run arbitrary code is very hard. The problem can't be tackled without knowing what kind of code you're running, and what is meant by safe.

Thanks,
Kev