I built a lib for setup a lua 5.1 secured environment named jail. It's far to be finish but it's already disable some dangerous functions.
How it run ?
I'm setup a short main.lua :
Code: Select all
BASEDIR="jailpack/" -- the directory where safeload.lua and lib/ are. love.filesystem.load("jailpack/safeload.lua")("game.lua")
The game.lua is the usual main.lua.
How to check a game in the jail ?
- Make a copy of your game directory (just for backup)
- copy the jailpack directory in your game directory (near your main.lua)
- Rename your main.lua to game.lua
- Copy the jailpack/main.lua to main.lua
- Test it !
What is done ? What is still to do ?
In summary :
- math, string, table are allowed, no filter.
- os, io, package are filtred
- love table are not filtered for now, will be.
- file, coroutine, debug are disabled
For details see directly the lib/luajail.lua.
The love restriction is in lib/lovejail.lua
0.1.0 - first alpha release
0.2.0 - allow to use require() properly (major bug fixed)
0.3.0 - full support of modules, allow to configure hybrid module loads