Run Lua scripts in a sandbox
Closed this issue · 2 comments
poco0317 commented
We dont properly do this at the moment and grant access to dangerous libraries as a result.
Relevant code area (the visible code would give a blank environment but is never used):
etterna/src/Etterna/Singletons/LuaManager.cpp
Lines 1240 to 1242 in 0a7bd76
poco0317 commented
not sandboxing, but this should resolve most of the concerns about unsafe functions being available: 093834e
poco0317 commented
reopen if desired but the security problems should be mostly if not entirely gone