lua-users home
lua-l archive

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]


On Mon, Oct 7, 2013 at 9:25 PM, Sean Conner <sean@conman.org> wrote:
It was thus said that the Great Rena once stated:
> Does anyone have experience running Lua safely as root? What environment
> variables, files, and behaviours to watch out for to avoid creating a
> security flaw or potentially breaking something? I recall hearing about Lua
> being used in the BSD kernel, so I think it should be possible.

  I do.  I've written a few programs in Lua that I run as root, but they
have a well defined function, and none of the programs execute arbitrary Lua
code (in other words, I know the code being run as root).

  But I'm not sure what you are asking in particular.  It's easy to create a
Lua jail (I've done that too), but if you are running as root, it's because
you want to do something that root can only do, so my question to you is:
what are you trying to do?

  -spc



In particular I'm interested in reading a lot of system information from /proc and making it available to another program in a somewhat saner format for display. Some things in /proc can only be read by root.

--
Sent from my Game Boy.