I am trying to create a Lua sandbox Box, some of the Lua functions can access some other Lua functions outside the sandbox. For example, I want my sandbox to have a special “display” function that can call “print” but there is no “print” in the sandbox.
The main problem is that I am trying to build a sandbox in an already large code base, so I cannot ignore the functionality.
How is this possible?
Since there is no fault of mine, the solution must be a pure Lua function.
< p>>Create a sandbox environment through the cherry pick function and values
>Load the script (compile it and return it as a function)
>Set the script environment to the sandbox environment
>Execute in the sandbox Script
So,
local script = loadstring "display(math.log(2, 3))"
local env = {display = print, math = math, string = string)
setfenv(script, env)
pcall(script)
Printing
0.69314718055995
and
local script = loadstring "print(math.log(2, 3))"
local env = {display = print, math = math, string = string)
setfenv(script, env)
pcall(script)
Failed
< pre>false [string “print(math.log(2, 3))”]:1: attempt to call global’print’ (a nil value)
Me I am trying to use How can I create a secure Lua sandbox? to build my own vulnerability sandbox.
I am trying to create a Lua sandbox, some of which can access Lua functions outside the sandbox Some other Lua functions. For example, I want my sandbox to have a special “display” function that can call “print” but there is no “print” in the sandbox.
The main problem is that I am Try already A sandbox is built in a large code base, so I can’t ignore the functionality.
How is this possible?
Since there is no fault of mine, the solution must be a pure Lua function.
When creating a sandbox, you can Select functions and values from the environment to create a new sandbox environment. You don’t need to destroy or “delete” anything in the original environment.
>Create a sandbox with cherry pick functions and values Environment
>Load the script (compile it and return it as a function)
>Set the script environment to the sandbox environment
>Execute the script in the sandbox
So, p>
local script = loadstring "display(math.log(2, 3))"
local env = {display = print, math = math, string = string}< br />setfenv(script, env)
pcall(script)
Printing
0.69314718055995
and p>
local script = loadstring "print(math.log(2, 3))"
local env = {display = print, math = math, string = string}< br />setfenv(script, env)
pcall(script)
Failed
false [string "print(math.log( 2, 3))"]:1: attempt to call global'print' (a nil value)