Re: Loose sandbox

lua-l archive

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]

Subject: Re: Loose sandbox
From: "Patrick Donnelly" <batrick.donnelly@...>
Date: Thu, 17 Jul 2008 15:49:01 -0600

Hi,

I made a sandbox for safe execution in IRC (about as hostile as it
gets). It has worked very well. I don't think it will suit your
purposes but there are many things you could learn from it.

http://www.unm.edu/~batrick/files/sandbox.lua

I recommend running user code in a coroutine. This offers many
benefits not least of which you no longer need to worry about
setfenv/getfenv accessing inappropriate function levels. Further, if
you set the environment of their thread (using debug.setfenv), all C
functions will use that environment. Of course, any Lua functions you
add to their sandbox will need to be protected in some way.

Good luck,

-- 
-Patrick Donnelly

"One of the lessons of history is that nothing is often a good thing
to do and always a clever thing to say."

-Will Durant

Follow-Ups:
- Re: Loose sandbox, Michael Gerbracht

References:
- Loose sandbox, Michael Gerbracht

Prev by Date: Re: [ANN] patch-lua-5.1.3
Next by Date: Web services
Previous by thread: Re: Loose sandbox
Next by thread: Re: Loose sandbox
Index(es):
- Date
- Thread