lua-users home
lua-l archive

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]


On Tue, Jun 25, 2019 at 11:18 PM Andrew Gierth <andrew@tao11.riddles.org.uk> wrote:

> I suspect most sandboxes don't expose the IO library at all (mine certainly does not), since unmediated file access is usually one of the things that sandboxing exists to prevent.

I can certainly think of cases when the IO library might perfectly well be accessible to sandboxed Lua code. But, anyway, I used the standard IO library merely as a concrete and well-known example. The issue is general and applies to any C library whose userdata must be cleaned up before they are freed by Lua.

Cheers,
V.