updated README

This commit is contained in:
kikito 2013-09-13 13:20:24 +02:00
parent a12502d68e
commit 721878115a

View File

@ -10,29 +10,31 @@ Usage
local sandbox = require 'sandbox'
`sandbox(f, options)` and `sandbox.protect(f, options)` are synonyms. They return a sandboxed version of `f`.
`options` is not required. So far the only possible options are `env` and `quota` (see below)
`sf = sandbox(f, options)` and `sf = sandbox.protect(f, options)`
-----------------------------------------------------------------
Those two are synonyms. They return a sandboxed version of `f`.
`options` is not required. So far the only possible options are `env` and `quota`
local sandboxed_f = sandbox(function() return 'hey' end)
local msg = sandboxed_f() -- msg is now 'hey'
`sandbox.run(f)` sanboxes a function and executes it. f can be either a string or a function
Only safe modules and operations can be accessed from a sandboxed function. See the source code for a list of safe/unsafe operations.
local msg = sandbox.run(function() return 'this is untrusted code' end)
local msg2 = sandbox.run("return 'this is also untrusted code'")
Only safe modules and operations can be accessed from the sandboxed mode. See the source code for a list of safe/unsafe operations.
sandbox.run(function()
local f1 = sandbox.protect(function()
return string.upper('string.upper is a safe operation.')
end)
Attempting to invoke unsafe operations (such as `os.execute`) is not permitted
sandbox.run(function()
os.execute('rm -rf /') -- this will throw an error, no damage don
local f2 = sandbox.protect(function()
os.execute('rm -rf /') -- this will throw an error, no damage done
end)
f1() -- ok
f2() -- error: os.execute not found
### `options.quota (default 500000)`
It is not possible to exhaust the machine with infinite loops; the following will throw an error after invoking 500000 instructions:
sandbox.run('while true do end')
@ -41,21 +43,37 @@ The amount of instructions executed can be tweaked via the `quota` option (defau
sandbox.run('while true do end', {quota=10000}) -- throw error after 10000 instructions
It is also possible to use the env option to add additional variables to the environment
### `options.env (default {})`
sandbox.run('return foo', {env = {foo = 'This was on the environment'}})
Use the `env` option to add additional variables to the environment
If provided, the env variable will be heavily modified by the sanbox (adding base modules like string)
The sandboxed code can also modify the env
local msg = sandbox.run('return foo', {env = {foo = 'This is on the environment'}})
If provided, the `env` variable will be modified by the sanbox (adding base modules like `string`)
The sandboxed code can also modify the sandboxed function. Make sure to securize it if needed.
local env = {amount = 1}
sandbox.run('amount = amount + 1', {env = env})
assert(env.amount = 2)
Finally, you may pass parameters to the sandboxed function directly in `sandbox.run`. Just add them after the `options` param.
local secret = sandbox.run(function(a,b) return a + b, {}, 1, 2)
assert(secret == 3)
`result = sandbox.run(f, options, ...)`
---------------------------------------
`sandbox.run` sanboxes a function and executes it. `f` can be either a string or a function
local msg = sandbox.run(function() return 'this is untrusted code' end)
local msg2 = sandbox.run("return 'this is also untrusted code'")
`sandbox.run(f, o, ...)` is equivalent to `sandbox.protect(f,o)(...)`.
`options` works exactly like in `sandbox.protect`.
`sandbox.run` also returns the result of executing `f` with the given params after `options`, if any (notice that strings can't accept parameters).
Notice that if `f` throws an error, it is *NOT* captured by `sandbox.run`. Use `pcall` if you want your app to be immune to errors, like this:
local ok, result = pcall(sandbox.run, 'error("this just throws an error")')
Installation