- Subject: Re: Using Lua for config files
- From: Roberto Ierusalimschy <roberto@...>
- Date: Thu, 19 Dec 2013 13:54:23 -0200
> Rather than controlling what users can do, I would prefer to control the effect they can have. Why should they not have the benefit of a full featured language to configure your program?
>
> So, for example, assuming you are using Lua as an embedded language, run the configuration script in its own Lua state and then have a (protected) procedure to copy the resultant data structures over into your main Lua state, with verification and filtering as necessary.
>
Probably I am being too naive, but I have written a very simple sandbox
that seems to be enough to ensure a "safe" execution of a script. It
simply uses debug hooks to control CPU usage, finalizers to control
memory usage, and a restricted environment (empty by default) to control
what the script can call. It would be nice if other people could
check it. (It assumes Lua 5.2.)
-- Roberto
local debug = require'debug'

assert(arg[1], "usage: lua protect.lua script")

-- maximum memory (in KB) that can be used
local memlimit = 10000

-- maximum "steps" that can be performed
local steplimit = 1000

-- what the script can call (beware what you put here!!!)
local basiclib = {}

do
  -- track memory use
  local mt = {__gc = function (u)
    if collectgarbage("count") > memlimit then
      error("script uses too much memory")
    else
      setmetatable({}, getmetatable(u))
    end
  end}
  setmetatable({}, mt)
end

local count = 0
local function step ()
  count = count + 1
  if count > steplimit then
    error("script uses too much CPU")
  end
end

local f = assert(loadfile(arg[1], "t", basiclib))
debug.sethook(step, "c", 100)
f()
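
Added example, not part of the original post: a config loader that combines the empty environment and step limit above with the copy-and-verify step suggested in the quoted message. The names `schema` and `load_config`, the field names and the sample strings are hypothetical; it assumes Lua 5.2 or later.

```lua
local debug = require "debug"

-- fields the host accepts, with the expected Lua type of each (hypothetical)
local schema = { port = "number", host = "string", verbose = "boolean" }

local function load_config (text, steplimit)
  local env = {}                 -- empty environment: the script has no globals
  -- mode "t" refuses precompiled bytecode; env becomes the chunk's _ENV
  local chunk, err = load(text, "=config", "t", env)
  if not chunk then return nil, err end

  local count = 0
  local function step ()
    count = count + 1
    if count > steplimit then error("config uses too much CPU", 0) end
  end

  debug.sethook(step, "", 100)   -- count hook only: every 100 VM instructions
  local ok, msg = pcall(chunk)   -- errors, including hook errors, stay contained
  debug.sethook()                -- remove the hook before returning to the host
  if not ok then return nil, msg end

  -- copy only known keys of the expected type; unknown keys never reach the host
  local result = {}
  for key, expected in pairs(schema) do
    local value = rawget(env, key)
    if value ~= nil then
      if type(value) ~= expected then
        return nil, key .. ": expected " .. expected .. ", got " .. type(value)
      end
      result[key] = value
    end
  end
  return result
end

-- constructed sample inputs
print(load_config('port = 8080 host = "example.org" extra = {}', 1000)) -- valid; extra is dropped
print(load_config('port = "8080"', 1000))      -- wrong type for port
print(load_config('while true do end', 1000))  -- never terminates on its own
print(load_config('os.exit()', 1000))          -- os is not in the environment
```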