Follow-up Comment #9, bug #15624 (project freeciv):
The first proposed solution, providing an unbreakable sandbox, is not the
best solution. The problem with the first patch is that tolua exposes all the
userdata types' metatables (as the names of each type), and the script can
then overwrite special functions, such as the '__gc' slot, and we can't
control when that function is called.
It is possible to make all the metatables read-only but it gets more
complicated, and we haven't gone trough all of tolua yet.
It is easier to just block the io and os libraries.
Reply to this item at:
Meddelandet skickades via/av Gna!
Freeciv-dev mailing list