mlua icon indicating copy to clipboard operation
mlua copied to clipboard

Published 20 hours ago verified publisher icon mlua-rs

Is it possible to sandbox lua functionalities?

Open blarfoon opened this issue 2 years ago • 2 comments
trafficstars

I am working on a plugin system and would like to explicitly whitelist permissions to access any native functionality. By default, lua should not access anything external (no network, I/O) unless permission has been granted. Is this possible?

blarfoon avatar Dec 20 '22 18:12 blarfoon

https://docs.rs/mlua/latest/mlua/struct.Lua.html#method.new_with you already can limit which stdlib code is loaded when creating Lua object. and then you can simply provide custom host bindings which will add custom limitations etc..

coderedart avatar Dec 20 '22 20:12 coderedart

Lua does have api's for this however sandboxing is, as always hard to get right. You can probably use https://github.com/kikito/lua-sandbox as a starting point if nothing else. It is a single lua file so you should be able to just embed it in your rust binary and go from there.

No need for mlua to do anything else.

lenscas avatar Dec 21 '22 11:12 lenscas