skip certain libraries (e.g. io and os) to sandbox semi-trusted code

[TimoStolz]

Dear contributers, dear community,

I'd like to build a web-application in python that can be extended using lua scripts. These extensions are contributed by affiliated developers, and in general, their code is trustworthy. But I'd sleep a bit better, if I could skip some of the standard libraries when creating a new LuaRuntime.

The io and os libraries are most critical as they provide access to the file system and allow to run any programs within the privileges of the user who is running the web server.

The problem comes with the call to the luaL_openlibs function. I'd be glad, if I could state in a list, which module should be loaded when creating a new LuaRuntime. This could help: http://stackoverflow.com/questions/4551101/lual-openlibs-and-sandboxing-scripts

Thanks a lot for the great library,
Timo

[kmike]

Hi @TimoStolz - not sure if it helps, but I had a similar issue recently, and used a pure-Lua sandbox like the one described here: http://lua-users.org/wiki/SandBoxes. The code I came up with is here: https://github.com/scrapinghub/splash/blob/master/splash/lua_modules/sandbox.lua. This sandbox is more restrictive than the one you're asking for - it is based on a whitelist instead of a blacklist, and it removes lots of useful stuff.