Chapter 6. Sandboxing User Scripts

Until now, every morsel of wholesome API-making knowledge in this book has been aimed at the case of altruistic coders. I’ve assumed that the various programmer roles were all fundamentally benevolent or mostly harmless. I’ve told you how to write interfaces without regard to the integrity of your system in the face of colossal ignorance or the whims of rapscallious ne’er-do-wells.

All of that is about to change.

What if I were to tell you that there is a language that can easily run scripts written by anyone, on any server, and do so with a surprising balance of utility and constraint? That this language includes the ability to limit its virtual machine’s memory use, down to the very byte; and to limit its instruction count down to the individual bytecode operation? What if I were to tell you that this language is Lua itself?

This final, spine-tingling chapter opens by describing how users can put the icing on EatyGuy’s cake by writing their own custom behaviors for baddies. We then move on to examine the many forms of abuse that can occur when you give power to strangers. Finally, we’ll examine sandboxing techniques that limit access to Lua’s libraries, to system memory, and to system processor time.

EatyGuy Version 10: The Baddy Construction Kit

The ultimate version of EatyGuy—version 10—will act as an example of a minimalistic scripting interface exposed to users who can control baddy behavior. Although EatyGuy itself won’t provide ...
