added README and LICENSE

This commit is contained in:
kikito 2013-09-03 17:13:39 +02:00
parent b1d69c89d7
commit ee9c0f9164
2 changed files with 78 additions and 0 deletions

20
MIT-LICENSE.txt Normal file
View File

@ -0,0 +1,20 @@
Copyright (c) 2013 Enrique García Cota
Permission is hereby granted, free of charge, to any person obtaining a
copy of this software and associated documentation files (the
"Software"), to deal in the Software without restriction, including
without limitation the rights to use, copy, modify, merge, publish,
distribute, sublicense, and/or sell copies of the Software, and to
permit persons to whom the Software is furnished to do so, subject to
the following conditions:
The above copyright notice and this permission notice shall be included
in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

58
README.md Normal file
View File

@ -0,0 +1,58 @@
sandbox.lua
===========
A pure-lua solution for running untrusted Lua code.
For now, sandbox.lua only works with Lua 5.1.x.
Usage
=====
local sandbox = require 'sandbox'
-- sandbox can handle both strings and functions
local msg = sandbox(function() return 'this is untrusted code' end)
local msg2 = sandbox("return 'this is also untrusted code'")
sandbox(function()
-- see sandbox.lua for a list of safe and unsafe operations
return ('I can use safe operations, like string.upper'):upper()
end)
-- Attempting to invoke unsafe operations (such as os.execute) is not possible
sandbox(function()
os.execute('rm -rf /') -- this will throw an error, no damage don
end)
-- It is not possible to exhaust the machine with infinite loops; the following
-- will throw an error after invoking 500000 instructions:
sandbox('while true do end')
-- The amount of instructions executed can be tweaked via the quota option
sandbox('while true do end', {quota=10000}) -- throw error after 10000 instructions
-- It is also possible to use the env option to add additional variables to the environment
sandbox('return foo', {env = {foo = 'This was on the environment'}})
Installation
============
Just copy sandbox.lua wherever you need it.
License
=======
This library is released under the MIT license. See MIT-LICENSE.txt for details
Specs
=====
This project uses [busted](http://olivinelabs.com/busted/) for its specs. In order to run them, install `busted` and then:
cd /path/to/where/the/spec/folder/is
busted