A lua sandbox for executing non-trusted code
Go to file
claudix dd964ac2bb
sandbox.protect() now returns as a second value the sandbox's environment
Returning the sandbox's environment to the sandbox caller gives flexibility to invoke functions defined in the caller's scope but using the sandbox's environment.
2024-03-14 10:48:08 +01:00
.github/workflows chore(ci) github actions for ci 2021-01-05 19:50:12 +01:00
spec tests - add test for overriding base env with false 2021-01-07 18:32:29 +01:00
CHANGELOG.md docs(changelog) document 1.0.1 2021-01-07 18:43:44 +01:00
MIT-LICENSE.txt added README and LICENSE 2013-09-03 17:13:39 +02:00
README.md chore - publish rockspec and add luarocks instructions 2021-01-07 11:38:37 +01:00
sandbox-1.0.1-4.rockspec chore(rockspec) fix the rockspec source url 2021-11-04 19:15:52 +01:00
sandbox.lua sandbox.protect() now returns as a second value the sandbox's environment 2024-03-14 10:48:08 +01:00

sandbox.lua

A pure-lua solution for running untrusted Lua code.

The default behavior is restricting access to "dangerous" functions in Lua, such as os.execute.

It's possible to provide extra functions via the options.env parameter.

Infinite loops are prevented via the debug library.

Supported Lua versions:

All the features of sandbox.lua work in the following Lua environments:

  • PUC-Rio Lua 5.1 allows execution of bytecode, which is a huge limitation (see the bytecode section below)
  • PUC-Rio Lua 5.2, 5.3, 5.4 have total support.
  • LuaJIT is not protected against infinite loops (see the notes in options.quota below)

Usage

Require the module like this:

local sandbox = require 'sandbox'

Then you can use sandbox.run and sandbox.protect

sandbox.run(code, options, ...)

sandbox.run(code, options, ...) sandboxes and executes code with the given options and extra params.

code must be a string with Lua code inside.

options is described below.

Any extra parameters will just be passed to the sandboxed function when executed, and available on the top-level scope via the ... varargs parameters.

In other words, sandbox.run(c, o, ...) is equivalent to sandbox.protect(c, o)(...).

Notice that if code throws an error, it is NOT captured by sandbox.run. Use pcall if you want your app to be immune to errors, like this:

local ok, result = pcall(sandbox.run, 'error("this just throws an error")')

sandbox.protect(code, options)

sandbox.protect("lua code") (or sandbox("lua code")) produces a sandboxed function, without executing it.

The resulting sandboxed function works as regular functions as long as they don't access any insecure features:

local sandboxed_f = sandbox(function() return 'hey' end)
local msg = sandboxed_f() -- msg is now 'hey'

Sandboxed options can not access unsafe Lua modules. (See the source code for a list)

When a sandboxed function tries to access an unsafe module, an error is produced.

local sf = sandbox.protect([[
  os.execute('rm -rf /') -- this will throw an error, no damage done
end
]])

sf() -- error: os.execute not found

Sandboxed code will eventually throw an error if it contains infinite loops (note: this feature is not available in LuaJIT):

local sf = sandbox.protect([[
  while true do end
]])

sf() -- error: quota exceeded

Bytecode

It is possible to exit a sandbox using specially-crafted Lua bytecode. References:

Because of this, the sandbox deactivates bytecode in all the versions of Lua where it is possible:

  • PUC-Rio Lua 5.2, 5.3, 5.4
  • LuaJIT

In other words, all except PUC-Rio Lua 5.1.

** The sandbox can be exploited in PUC-Rio Lua 5.1 via bytecode **

The only reason we keep Lua 5.1 in the list of supported versions of Lua is because sandboxing can help against users attempting to delete a file by mistake. It does not provide protection against malicious users.

As a result we strongly recommend updating to a more recent version when possible.

options.quota

Note: This feature is not available in LuaJIT

sandbox.lua prevents infinite loops from halting the program by hooking the debug library to the sandboxed function, and "counting instructions". When the instructions reach a certain limit, an error is produced.

This limit can be tweaked via the quota option. But default, it is 500000.

It is not possible to exhaust the machine with infinite loops; the following will throw an error after invoking 500000 instructions:

sandbox.run('while true do end') -- raise errors after 500000 instructions
sandbox.run('while true do end', {quota=10000}) -- raise error after 10000 instructions

If the quota is low enough, sandboxed code with too many calculations might fail:

local code = [[
  local count = 1
  for i=1, 400 do count = count + 1 end
  return count
]]

sandbox.run(code, {quota=100}) -- raises error before the code ends

If you want to turn off the quota completely, pass quota=false instead.

options.env

Use the env option to inject additional variables to the environment in which the sandboxed code is executed.

local msg = sandbox.run('return foo', {env = {foo = 'This is a global var on the the environment'}})

The env variable will be used as an "index" by the sandbox environment, but it will not be modified at all (changes to the environment are thus lost). The only way to "get information out" from the sandboxed environments are:

Through side effects, like writing to a database. You will have to provide the side-effects functions in env:

local val = 1
local env = { write_db = function(new_val) val = new_val end }
sandbox.run('write_db(2)')
assert(val = 2)

Through returned values:

local env = { amount = 1 }
local result = sandbox.run('return amount + 1', { env = env })
assert(result = 2)

Installation

Just copy sandbox.lua wherever you need it.

Alternatively, you can use luarocks:

luarocks install kikito/sandbox

License

This library is released under the MIT license. See MIT-LICENSE.txt for details

Specs

This project uses busted for its specs. In order to run them, install it and then:

cd /path/to/where/the/spec/folder/is
busted spec/*