Description
Dear contributers, dear community,
I'd like to build a web-application in python that can be extended using lua scripts. These extensions are contributed by affiliated developers, and in general, their code is trustworthy. But I'd sleep a bit better, if I could skip some of the standard libraries when creating a new LuaRuntime.
The io and os libraries are most critical as they provide access to the file system and allow to run any programs within the privileges of the user who is running the web server.
The problem comes with the call to the luaL_openlibs function. I'd be glad, if I could state in a list, which module should be loaded when creating a new LuaRuntime. This could help: http://stackoverflow.com/questions/4551101/lual-openlibs-and-sandboxing-scripts
Thanks a lot for the great library,
Timo