Sandboxing? (was: RE: Lua 5.1.1 has been frozen)
[
Date Prev][
Date Next][
Thread Prev][
Thread Next]
[
Date Index]
[
Thread Index]
- Subject: Sandboxing? (was: RE: Lua 5.1.1 has been frozen)
- From: Tomas <tomas@...>
- Date: 2006年6月12日 09:32:44 -0300 (BRT)
Hi Greg
Ideally, I'd want to place all my standard library code in a single global environment and have each 'protected' environment access it in a controlled shared manner from its own environment. I could use multiple lua_states to get complete separation, but then all my library code needs to be loaded in each one. Lua threads go some way towards a solution.
Take a look at Rings:
http://www.keplerproject.org/rings/
It is a small library which offers a simple way to communicate
between Lua states: a dostring function. There is some restriction on
the types of values that can be exchanged.
I appreciate the way multiple environments can be used to contain code/data and 'hide' it from other environments while pointing to a shared global environment, but it seems to me that a programmer could still find his way around into places he shouldn't be using raw_get/set. Actually, it's not so much that a programmer *will* do it, but that they *could* do it. Our customers are very sensitive to this.
I don't know if I am missing something but we had developed VEnv
(http://www.keplerproject.org/venv) some time ago to achieve a protected
environment using Lua function environments but we couldn't manage a safe
way to load binary libraries (which will affect the original environment
and not the new one). Anyway, if you can live with that restriction, maybe
VEnv should be a better approach than Rings because it doesn't have the
types restrictions.
Feel free to ask me anything about those two libraries. We are
starting to work on a new version to Lua 5.1.
Tomas