[Date Prev][Date Next][Thread Prev][Thread Next]
[Date Index]
[Thread Index]
- Subject: Re: Lua script as data model
- From: "Peter Cawley" <lua@...>
- Date: Wed, 17 Sep 2008 15:01:44 +0100
My methods for ensuring that a lua config file is not turned into
something malicious:
1) Prevent Lua from loading binary chunks (even Lua 5.1.4 can be
caused to crash due to malicious binary chunks)
2) Make a minimum of the standard library available (if the config
files don't need the standard library, don't give it the standard
library)
3) If the config file shouldn't contain definitions of new functions,
make sure that after loading the file, it doesn't contain any function
definitions
4) If the config file shouldn't contain for loops and while loops,
make sure that after loading the file, it doesn't contain OP_JMP or
OP_[T]FOR[PREP] instructions
5) Add a debug hook to every function call and every 100 lines of
execution, in order to keep tabs on what the script is doing
Steps 3 and 5 require that you delve into Lua's internal data
structures (with the loaded chunk on the top of the stack, use
lua_topointer and cast to a Proto structure and then extract the info
you want)
2008/9/17 LAURENS Jérôme <jlaurens@users.sourceforge.net>:
> Hi list,
>
> I am new to lua.
>
> I plan to store some key->value preferences (and more) in a lua script file.
> My question concerns security:
> in case the script file is corrupted, is it possible to execute malicious
> code while lua is scanning back the file?
> In general, are there any required steps to prevent security issues when
> using lua scripts as data models?
>
> TIA.
>