[Date Prev][Date Next][Thread Prev][Thread Next]
[Date Index]
[Thread Index]
- Subject: Giving users their own secure Lua environments - how?
- From: "Anders Bergh" <anders@...>
- Date: Fri, 15 Dec 2006 18:13:23 +0100
Hi,
I'm planning to write an IRC bouncer and would like to implement Lua
for various tasks that would be tedious to do in C. While I was
thinking about this, I came up with the idea that each user could have
their own sandboxed environment where they could automate certain
tasks, although I'm not quite sure how one would make this as secure
as possible.
The application won't be multi threaded, so a malicious user could run
code such as "while true do ... end" to make it freeze. I think I
could use lhf's lalarm to make it break after X seconds of execution -
but then everything will still freeze in X seconds. I don't really
want that, if possible.
Lua wouldn't only be used by the users - but would also be used to
implement some features and therefor will have full access to all C
functions. I'm not sure if I would have to have a separate lua_State
or if there is a Lua solution to make everyone share the same state,
but without access to functions that they aren't supposed to use.
I'd be glad to hear if anyone else did anything similar to what I'm
planning to do, and already came up with solutions to prevent
malicious code from running, etc :-)
--
Anders