lua-users home
lua-l archive

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]

> On 21. Jan 2022, at 8.09, Flyer31 Test <> wrote:
> sorry, another PPS: What would you then ask Lua to do, if somebody
> would try to modify _G inside sandbox or in later code? Should Lua
> then terminate with an error message, or just ignore this modification
> approach? (I think both possibilities would be quite bad, especially
> also for sandboxing...).

This is not only about _G. In a sandboxed app you need to protect all the module tables too and potentially any tables you pass between sandbox and privileged environments. Proxying everything has a major implementation & performance cost in many applications and it’s far from being elegant.

Luau C API has a function for setting a read only flag per table. Typically in a sandboxed app you protect _G and all the module tables after startup.

Trying to modify a read only table raises a Lua runtime error so it behaves identically for example to “trying to index a nil value” error.