How to remove particular functions from os library without editing the Lua headers or the scripts

3
votes

I have done my homework and studied other responses on this topic but none address my particular issue.

I want to remove the io library completely and the os only partially (let's say i want to keep os.clock() and others)

How can I achieve this only from the C API.

Due to the nature of the project I am not allowed to modify the Lua headers and the scripts that will be sent to me. These are not under my control. The only thing I can modify is the interpreter.

doing something like this:

lua_pushnil(state_pointer);
lua_setglobal(state_pointer, "os.execute");

won't help much because in the script the user can call os = require('os') and get all the functions back

I am not allowed to disable the require function so this makes things harder.

Any ideas?

PS:More of a curiosity: if I do something like

luaopen_base(L);
luaopen_table(L);
luaopen_string(L);
luaopen_math(L);
luaopen_loadlib(L); (basically i'm loading every library by hand except os and io)

instead of 

luaL_openlibs(L); (this loads all the libraries)

would os = require('os') or io = require('io') still work?

@Nicol Bolas don't know if i'm doing something wrong but os = require('os') & require('io') just brings everything back.

my code:

luaL_openlibs(LuaInstance);     /* load the libs        */ 
lua_pushnil(LuaInstance);
lua_setglobal(LuaInstance, "io");
lua_pushnil(LuaInstance);
lua_setglobal(LuaInstance, "os.execute");
lua_pushnil(LuaInstance);
lua_setglobal(LuaInstance, "os.rename");
lua_pushnil(LuaInstance);
lua_setglobal(LuaInstance, "os.remove");
lua_pushnil(LuaInstance);
lua_setglobal(LuaInstance, "os.exit");

In my script i just do a

os = require('os')
io = require('io')

after this os functions and io functions all work. os.exit still closes my app and io.write works as usual

2
lua
"the user can call os = require('os') and get all the functions back" - Did you try it? Doesn't seem to me like it would work.interjay

2 Answers

7
votes

won't help much because in the script the user can call os = require('os') and get all the functions back

No, it won't. Calling require(os) will simply return the os table. The same table you will have modified. So there's no problem.

So just modify the table after you register it. It will work, and it's really easy to test that it does.

luaopen_base(L);

Be advised: luaopen_* are not regular C functions. They are Lua C functions; they're functions that expect to be called via the standard Lua mechanisms. You can't call them directly from C.

In Lua 5.1, you must use push them on the stack and use lua_pcall or similar calling functions to call them. In Lua 5.2, you should use luaL_requiref, which will put their tables into the Lua require registry.

Your code has two problems. First:

lua_setglobal(LuaInstance, "io");
lua_pushnil(LuaInstance);

This does not actually change the table. It simply removes the reference to the table. If you want to change the table itself, then you must change the table. You have to get the io table and modify it. Walk the table and set each value in it to nil. Simply replacing the contents of the global variable called io will do nothing.

However, if you want to prevent io from being used entirely, you shouldn't register it to begin with.

The second problem is this:

lua_pushnil(LuaInstance);
lua_setglobal(LuaInstance, "os.execute");

This modifies the value of the global table who's key is ["os.execute"]. It is the equivalent of this Lua code:

_G["os.execute"] = nil

This is not the same as:

os.execute = nil;

When you use os.execute in Lua, that means to take the global table (_G), find the value with the key named "os" and find the "execute" key within the table fetched from "os".

When you do _G["os.execute"], what you're saying is to take the global table and find the value with the key named "os.execute".

See the difference?

What you want to do is get the table stored in the global variable os and modify that table. You can't use lua_setglobal, because the members of the os table are not globals; they're members of a table. Yes, the table that they are stored in just so happens to be a global. But you can't modify the members of a table stored in a global with lua_setglobal.

You have to do this:

lua_getglobal(L, "os");
lua_pushnil(L);
lua_setfield(L, -2, "execute");
lua_pushnil(L);
lua_setfield(L, -2, "rename");
lua_pushnil(L);
lua_setfield(L, -2, "remove");
lua_pushnil(L);
lua_setfield(L, -2, "exit");
lua_pop(L, 1);
3
votes

I'd suggest using a sandbox. See "How to create a secure Lua sandbox".

For require, make your own wrapper that validates the parameters before calling the real version, and only include your wrapper in the sandbox.