lua-users home
lua-l archive

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]

David Kolf schrieb:
> But now I noticed another problem which makes it look to me like you
> can't use that for sandboxes at all. Consider the following code:
>   code = "local dummy = nil end; do os.remove (\"something\")"
>   f = loadstring ("in ... do " .. code .. " end")
> The new function f would read (indented for clarity):
>   in ... do
>     local dummy = nil
>   end;
>   do
>     os.remove ("something")
>   end
> Or did I miss something again?

Ah, I just answered that question myself. Instead of loadstring I could
use loadin to place the code in an empty environment so if it decides to
break out it wouldn't have gained anything.

With this solution you wouldn't need to write the "in ... do [..] end"
in the loader, but the included file itself can contain the wrapper in
order to get the full functionality and leave the empty environment.

I guess I am finally convinced now. ;-)