Closed wateret closed 4 years ago
Do we need to use sol::environment
? -> I don't see the reason for now.
I am not sure about this but the strategy for now is unset UNSAFE functions that are loaded by open_libraries()
.
sol::lib
enum : https://sol2.readthedocs.io/en/latest/api/state.html#lib-enumsol::lib
: http://www.lua.org/manual/5.3/manual.html#6
Lua scripts can do almost everything to our running environment. But this could be vulnerable so we need to limit if some features are not necessary for scenario scripts and may be harmful. E.g. access to file system
Currently I am not 100% sure on this concept and what features to prohibit.
References for studying "Sandboxes"
http://lua-users.org/wiki/LuaSecurity http://lua-users.org/wiki/SandBoxes https://en.wikipedia.org/wiki/Sandbox_(computer_security) https://stackoverflow.com/questions/1224708/how-can-i-create-a-secure-lua-sandbox
Features to prohibit
require
function?)...