Gammon Forum

Sandbox

It is now over 60 days since the last post. This thread is closed.


Posted by Nick Gammon, Australia (23,133 posts), Forum Administrator
Date Wed 24 Nov 2004 09:19 AM (UTC)
Message
A problem with all scripting languages is to make them powerful enough to be useful, but not so powerful that they could be abused by malicious scripts.

Lua has a nice solution to this problem. You can make a Lua "sandbox" by disabling functions that you consider dangerous.

For example, if you don't want people to use the Note function you can do this:


world.Note = nil


After doing this, although the code for Note still exists (it is inside the MUSHclient executable) you have removed the link from the word "Note" to the code, thus disabling it.

You can be more sophisticated than that, for example disabling a particular word. Here is an example of doing that:


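do
  local oldnote = Note  -- keep the original; only this block can see it
  Note = function (...)
    -- arg is the table of arguments Lua 5.0 builds for a vararg function
    for k, v in pairs (arg) do
      if string.find (v, "turkey") then
        error "Invalid note"
      end  -- if
    end  -- for
    oldnote (unpack (arg))  -- nothing objectionable found: call the original
  end -- function
end -- do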


If executed, the above code will replace the Note function with one that permanently disables being able to note a string with the word "turkey" in it.

It does this by saving the original Note function into a local variable, and then replacing it with its own version that checks for the word 'turkey', raising an error if found. If not found, it calls the original saved function.




MUSHclient's preliminary code

To help block out dangerous functions, for example:


os.execute "del mushclient.exe"


... MUSHclient has a 'preliminary script' box in its Global Preferences -> Lua section.

This has code that disables some 'dangerous' functions (like 'os') by setting them to nil.

If you are not planning to run untrusted scripts (e.g. plugins) then you can edit that code and comment out any parts you feel comfortable with having available to your scripts.

The code in this box is executed every time the Lua script engine is instantiated, in other words for every world, and every plugin.

There are suggestions in the default script for how you might modify it to block certain plugins (or worlds) but not others, from having access to dangerous commands.

- Nick Gammon

www.gammon.com.au, www.mushclient.com
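
A preliminary script of the kind described in the post above, as an added example that is not part of the original post and not MUSHclient's shipped code. The names `make_sandbox`, `trusted` and `script_id` and the IDs are hypothetical, it covers only `os`, `io` and `debug`, and it is written to run in a stock Lua interpreter.

```lua
-- Added example, not MUSHclient's shipped preliminary script.
-- Assumption: script_id identifies the world or plugin being loaded (in
-- MUSHclient it could come from GetPluginID ()); the IDs below are made up.
local trusted = { ["example-trusted-plugin-id"] = true }

local function make_sandbox (script_id)
  if trusted [script_id] then return false end  -- leave everything enabled

  -- stub that names the blocked function instead of "attempt to call a nil value"
  local function disabled (name)
    return function ()
      error ("Function '" .. name .. "' is disabled in the Lua sandbox", 2)
    end -- function
  end -- disabled

  -- os: keep the functions that only read the clock, stub the rest
  local safe_os = { date = os.date, time = os.time,
                    clock = os.clock, difftime = os.difftime }
  for name in pairs (os) do
    if not safe_os [name] then
      safe_os [name] = disabled ("os." .. name)
    end -- if
  end -- for
  os = safe_os

  -- io: stub every function (open, popen, lines, ...) in place
  for name, f in pairs (io) do
    if type (f) == "function" then
      io [name] = disabled ("io." .. name)
    end -- if
  end -- for

  -- debug can inspect closures, so a wrapper that keeps the original
  -- function in a local is only sound once debug is gone
  debug = nil

  -- require "os" / require "debug" must not hand back the originals
  if package and package.loaded then
    package.loaded.os = safe_os
    package.loaded.debug = nil
  end -- if
  return true
end -- make_sandbox

-- constructed check: an unlisted ID gets the restricted environment
assert (make_sandbox ("downloaded-plugin-id"))
assert (not pcall (os.execute, "echo hi"))  -- blocked
assert (type (os.time ()) == "number")      -- still usable
```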
Information and images on this site are licensed under the Creative Commons Attribution 3.0 Australia License unless stated otherwise.