This is a read-only snapshot of the ComputerCraft forums, taken in April 2020.
ComputerCraftAsk a Pro
MindenCucc's profile picture

Sandboxing

Started by MindenCucc, 13 May 2015 - 08:36 PM
MindenCucc #1

MindenCucc's profile picture

214 posts

Location /home/marcus/

Posted 13 May 2015 - 10:36 PM
I know that there are some questions about sandboxes, but the question is the same: is this sandbox safe? If not, then how could I improve it?

http://pastebin.com/SmHTkBQe

Usage:

new(function:sandboxed function, table:table used for the function environment, table:ignores table indexes (indicies?) from the underlying environment, table:underlying environment)

All of the parameters are optional.

Example:

local func = loadfile("test")
local env = { cheese = "garlic" }
sand.new(func, env, { lw = true, debug = true }, getfenv())

I'm not asking about fs safety. My question is, that is it possible, to access / break out to parent fenv using this sandbox?

//off-topic: there should be a topic about sandboxes, and breaking methods :P/> Because a lot of these kind of posts could be avoided.
Edited on 13 May 2015 - 08:43 PM
SquidDev #2

SquidDev's profile picture

1426 posts

Location Does anyone put something serious here?

Posted 14 May 2015 - 09:02 AM
Yes. I haven't tested but a brief read of your code means I can do:


setfenv(function()
  -- Hehehe, I'm executing in the global namespace
end, _G)

even if you sandbox _G I can do:


local _G = getfenv(aSandboxedFunction)

There is a topic on the main Lua website about sandboxes.