How to create a Sandbox in Lua?

In order to create a sandbox and to be able to use it we must first understand what a sandbox is and why we need it. A sandbox is term that is used in different fields of computer science, like in case we are talking about the software testing domain, then a sandbox is a testing environment that isolates untested code changes and outright experimentation from the production environment and if we talk about cybersecurity, then a sandbox is an environment that is an isolated virtual machine in which potentially unsafe software code can execute.

Sandboxing is basically all about isolating a piece of software and that piece of software is isolated with the help of the sandbox. It should be noted that sandboxing is a bit tricky and generally difficult to get right.

Lua provides different approaches to creating a sandbox and also it provides different keywords and functions that we can make use inside of a sandbox.

Example

Now, let’s create a simple sandbox in which we will store the untrusted code.

Consider the example shown below −

 Live Demo

function print_env()
   print(_ENV)
end
function sandbox()
   print(_ENV)
   -- need to keep access to a few globals:
   _ENV = { print = print, print_env = print_env, debug = debug, load = load }
   print(_ENV)
   print_env()
   local code1 = load('print(_ENV)')
   code1()
   debug.setupvalue(code1, 1, _ENV) -- set our modified env code1()
   local code2 = load('print(_ENV)', nil, nil, _ENV) -- pass 'env' arg code2()
end
sandbox()

Output

table: 0x1a409c0
table: 0x1a47790
table: 0x1a47790
table: 0x1a409c0
table: 0x1a47790
table: 0x1a47790