> I suspect most sandboxes don't expose the IO library at all (mine certainly does not), since unmediated file access is usually one of the things that sandboxing exists to prevent.
I can certainly think of cases when the IO library might perfectly well be accessible to sandboxed Lua code. But, anyway, I used the standard IO library merely as a concrete and well-known example. The issue is general and applies to any C library whose userdata must be cleaned up before they are freed by Lua.
Cheers,
V.