library-mirrors/sandbox.lua
1
0
Fork 0
mirror of https://github.com/kikito/lua-sandbox.git synced 2024-12-18 03:04:20 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

edit README

Browse Source
This commit is contained in:
kikito 2014-04-28 13:58:39 +02:00
parent 779c5c4bb0
commit a4c0a9ad3d
1 changed files with 5 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
README.md
View File

@ -17,9 +17,7 @@ Usage
Require the module like this: Require the module like this:
``` lua ``` lua
local sandbox = require 'sandbox' local sandbox = require 'sandbox'
``` ```
### sandbox.protect ### sandbox.protect
@ -29,10 +27,8 @@ local sandbox = require 'sandbox'
A sandboxed function works as regular functions as long as they don't access any insecure features: A sandboxed function works as regular functions as long as they don't access any insecure features:
```lua ```lua
local sandboxed_f = sandbox(function() return 'hey' end) local sandboxed_f = sandbox(function() return 'hey' end)
local msg = sandboxed_f() -- msg is now 'hey' local msg = sandboxed_f() -- msg is now 'hey'
``` ```
Sandboxed options can not access unsafe Lua modules. (See the [source code](https://github.com/kikito/sandbox.lua/blob/master/sandbox.lua#L35) for a list) Sandboxed options can not access unsafe Lua modules. (See the [source code](https://github.com/kikito/sandbox.lua/blob/master/sandbox.lua#L35) for a list)
@ -40,25 +36,21 @@ Sandboxed options can not access unsafe Lua modules. (See the [source code](http
When a sandboxed function tries to access an unsafe module, an error is produced. When a sandboxed function tries to access an unsafe module, an error is produced.
```lua ```lua
local sf = sandbox.protect(function() local sf = sandbox.protect(function()
os.execute('rm -rf /') -- this will throw an error, no damage done os.execute('rm -rf /') -- this will throw an error, no damage done
end) end)
sf() -- error: os.execute not found sf() -- error: os.execute not found
``` ```
Sandboxed functions will eventually throw an error if they contain infinite loops: Sandboxed functions will eventually throw an error if they contain infinite loops:
```lua ```lua
local sf = sandbox.protect(function() local sf = sandbox.protect(function()
while true do end while true do end
end) end)
sf() -- error: quota exceeded sf() -- error: quota exceeded
``` ```
### options.quota ### options.quota
@ -113,9 +105,7 @@ In other words, `sandbox.run(f, o, ...)` is equivalent to `sandbox.protect(f,o)(
Notice that if `f` throws an error, it is *NOT* captured by `sandbox.run`. Use `pcall` if you want your app to be immune to errors, like this: Notice that if `f` throws an error, it is *NOT* captured by `sandbox.run`. Use `pcall` if you want your app to be immune to errors, like this:
``` lua ``` lua
local ok, result = pcall(sandbox.run, 'error("this just throws an error")')
local ok, result = pcall(sandbox.run, 'error("this just throws an error")')
``` ```
@ -134,7 +124,9 @@ Specs
This project uses [telescope](https://github.com/norman/telescope) for its specs. In order to run them, install it and then: This project uses [telescope](https://github.com/norman/telescope) for its specs. In order to run them, install it and then:
cd /path/to/where/the/spec/folder/is ```
tsc spec/* cd /path/to/where/the/spec/folder/is
tsc spec/*
```
I would love to use [busted](http://olivinelabs.com/busted/), but it has some incompatibility with `debug.sethook(f, "", quota)` and the tests just hanged up. I would love to use [busted](http://olivinelabs.com/busted/), but it has some incompatibility with `debug.sethook(f, "", quota)` and the tests just hanged up.