Shared sandbox helpers: the canonical strict capability-strip list and a
global-stripping routine, used by both the CLI --sandbox flag and
lua-rs-runtime’s SandboxConfig::strict() so the dangerous-globals list
has a single source of truth.
The instruction and memory budget itself is installed separately via
lua_vm::state::LuaState::install_sandbox_limits; capability stripping is
defense-in-depth on top of the host-hook gating.
Constants
- STRICT_REMOVED_GLOBALS - Globals removed by the strict sandbox preset: the code-loading and host-access surfaces. A dot-separated entry nils a field of a sub-table (e.g. os.execute); a bare name nils a top-level global.
Functions
- strip_globals - Delete the named globals from _G. Each entry is either a bare global name or a head.tail path naming a field of a sub-table.
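The entry-shape contract described for strip_globals, shown as an added stand-alone illustration rather than the crate's own code: the table model, the sample _G contents and the names in the strip list are constructed here, not the real STRICT_REMOVED_GLOBALS list.

```rust
use std::collections::HashMap;

// Toy stand-in for a Lua value; the real crate's table type is not used here.
#[derive(Debug, Clone, PartialEq)]
pub enum Value {
    Function(&'static str),
    Table(HashMap<String, Value>),
}

/// Constructed sample _G with one sub-table, enough to exercise both entry shapes.
pub fn sample_globals() -> HashMap<String, Value> {
    let mut os = HashMap::new();
    os.insert("execute".to_string(), Value::Function("os.execute"));
    os.insert("time".to_string(), Value::Function("os.time"));
    let mut g = HashMap::new();
    g.insert("load".to_string(), Value::Function("load"));
    g.insert("print".to_string(), Value::Function("print"));
    g.insert("os".to_string(), Value::Table(os));
    g
}

/// Nil every entry in `names`: a bare name nils a top-level global; a
/// `head.tail` entry nils `tail` inside the sub-table `head`. A missing or
/// non-table head is skipped rather than treated as an error, so the preset
/// can be applied to a _G that was never given that library. Returns how
/// many fields were actually removed, which lets a caller confirm the strip
/// list matched what it expected.
pub fn strip_globals(g: &mut HashMap<String, Value>, names: &[&str]) -> usize {
    let mut removed = 0;
    for name in names {
        match name.split_once('.') {
            None => {
                if g.remove(*name).is_some() { removed += 1; }
            }
            Some((head, tail)) => {
                if let Some(Value::Table(sub)) = g.get_mut(head) {
                    if sub.remove(tail).is_some() { removed += 1; }
                }
            }
        }
    }
    removed
}

fn main() {
    let mut g = sample_globals();
    // "io.open" is in the list but the sample _G has no io table: skipped, not an error.
    let n = strip_globals(&mut g, &["load", "os.execute", "io.open"]);
    println!("removed {n} globals; print kept: {}", g.contains_key("print"));
}
```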