Re: Multiple lua instances

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]

Subject: Re: Multiple lua instances
From: Rob Kendrick <rjek@...>
Date: 2010年1月19日 16:56:07 +0000

On 2010年1月19日 17:49:47 +0100
ingmar wirths <ingmania@googlemail.com> wrote:
> > The idea is that if a Lua function can't see another Lua function,
> > it can't call it, and it can't magic up a reference to it (unless
> > you expose the debug interface, of course. :) 
> 
> Allright, but since these restrictions are all implemented in lua, how
> can i enforce them, given that the user should be permitted to modify
> his ai? From the point of my limited knowledge so far, i guess the
> user could trivially escape from a sandbox, by just rewriting
> everything. Am i missing something here?
Because to /create/ the sandbox requires the calling of functions that
must be written in C and are included by default. You simply don't put
those functions in your sand box.
Trivial example:
	function sandboxed_function()
		print "hello, world!"
	end
	setfenv(sandboxed_function, { print = print })
	sandboxed_function()
Try altering the body of sandboxed_function as much as you like, the
only thing it'll be able to call is print.
B.

Follow-Ups:
- Re: Multiple lua instances, ingmar wirths

References:
- Multiple lua instances, ingmar wirths
- Re: Multiple lua instances, Rob Kendrick
- Re: Multiple lua instances, ingmar wirths
- Re: Multiple lua instances, Rob Kendrick
- Re: Multiple lua instances, ingmar wirths
- Re: Multiple lua instances, Rob Kendrick
- Re: Multiple lua instances, ingmar wirths

Prev by Date: Re: Multiple lua instances
Next by Date: Re: setfenv/getfenv
Previous by thread: Re: Multiple lua instances
Next by thread: Re: Multiple lua instances
Index(es):
- Date
- Thread