# How to create a Sandbox in Lua?

LuaServer Side ProgrammingProgramming

In order to create a sandbox and to be able to use it we must first understand what a sandbox is and why we need it. A sandbox is term that is used in different fields of computer science, like in case we are talking about the software testing domain, then a sandbox is a testing environment that isolates untested code changes and outright experimentation from the production environment and if we talk about cybersecurity, then a sandbox is an environment that is an isolated virtual machine in which potentially unsafe software code can execute.

Sandboxing is basically all about isolating a piece of software and that piece of software is isolated with the help of the sandbox. It should be noted that sandboxing is a bit tricky and generally difficult to get right.

Lua provides different approaches to creating a sandbox and also it provides different keywords and functions that we can make use inside of a sandbox.

## Example

Now, let’s create a simple sandbox in which we will store the untrusted code.

Consider the example shown below −

Live Demo

function print_env()
print(_ENV)
end
function sandbox()
print(_ENV)
_ENV = { print = print, print_env = print_env, debug = debug, load = load }
print(_ENV)
print_env()
code1()
debug.setupvalue(code1, 1, _ENV) -- set our modified env code1()
local code2 = load('print(_ENV)', nil, nil, _ENV) -- pass 'env' arg code2()
end
sandbox()

## Output

table: 0x1a409c0
table: 0x1a47790
table: 0x1a47790
table: 0x1a409c0
table: 0x1a47790
table: 0x1a47790

Updated on 20-Jul-2021 14:32:05