Differences from Standard Lua
LuaSandbox provides a sandboxed environment which differs in some ways from standard Lua 5.1.
Features that are not available
-
dofile(), loadfile(), and the io package, as they allow direct filesystem access. If needed, filesystem access should be done via PHP callbacks.
-
The package package, including require() and module(), as it depends heavily on direct filesystem access. A pure-Lua rewrite such as that used in the MediaWiki Scribunto extension may be used instead.
-
load() and loadstring(), to allow for static analysis of Lua code.
-
print(), since it outputs to standard output. If needed, output should be done via PHP callbacks.
-
Most of the os package, as it allows manipulation of the process and executing of other processes.
-
Most of the debug package, as it allows manipulation of Lua state and metadata in ways that can break sandboxing.
-
string.dump(), as it may expose internal data.
-
collectgarbage(), gcinfo(), and the coroutine package have not been reviewed for security.
Features that have been modified
-
pcall() and xpcall() cannot catch certain errors, particularly timeout errors.
-
tostring() does not include pointer addresses.
-
string.match() has been patched to limit the recursion depth and to periodically check for a timeout.
-
math.random() and math.randomseed() are replaced with versions that don't share state with PHP's rand().
-
The Lua 5.2 __pairs and __ipairs metamethods are supported by pairs() and ipairs().
User Contributed Notes
There are no user contributed notes for this page.