discuss@lists.openscad.org

OpenSCAD general discussion Mailing-list


Disappearing trick?

Jordan Brown
Wed, Jul 9, 2025 6:06 PM

On 7/9/2025 3:59 AM, jjvbhh via Discuss wrote:

I'm not so firm in Python, but I can tell what we did in some embedded
systems to sandbox Lua scripts

Call user script in an environment with

  • removed globals, which have filesystem access: loadfile, dofile,
    module, require
  • removed packages, which have filesystem access: os, io

added supporting functions

load_file(path), save_file(path,...) with path verified to be only in
an allowed list of folders/directories.
printf(...) for formatted output

I don't know if something similar is possible in Python, but we believe in Lua
this is safe.

Let's not discuss it here, but the summary seems to be that people have
tried that kind of approach and Python has enough introspection
capability that a villain can follow breadcrumbs and find whatever
functions they want, even if they aren't exposed.

You will find a fair number of web pages saying how to do it, and you
will also find smart people who have tried hard to do it and failed.  I
have to suspect that the pages that say they know how to do it just
haven't had their approaches attacked by people who know the loopholes.

There's a pretty extensive discussion here:
https://discuss.python.org/t/extending-subinterpreters-with-sandboxing-capabilities/45355/18
that refers to a postmortem of a previous project here:
https://lwn.net/Articles/574215/

But this is way off topic for this mailing list; please don't continue it.

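The recipe quoted in the message above (drop the file-system globals, add an allow-listed load_file/save_file) and Jordan's objection to applying it to Python, as an added example that is not part of the thread and not OpenSCAD or PythonSCAD code. It is illustrative Python: the helper names, the restricted builtins table, the temporary allow-listed folder and the attacker script are all constructed for this example. The sandbox is `exec` with a stripped `__builtins__`, which is the closest Python equivalent of removing loadfile/dofile/require/os/io from a Lua environment; the attacker script uses no builtin at all, it walks from an empty tuple to `object`, through `object.__subclasses__()`, to the real builtins dict carried by any pure-Python `__init__`, and imports `os` from there.

```python
"""Added example (not from the thread): the Lua sandbox recipe transplanted
to Python.  The path allow-list part works; hiding os/open/import from the
script does not, because the script can find them again by introspection.
All names here are the example's own, not OpenSCAD or PythonSCAD API."""
import os
import tempfile


def path_allowed(path, allowed_dirs):
    """True only if the resolved path lies inside one of allowed_dirs.

    realpath collapses '..' and symlinks; commonpath (rather than
    str.startswith) stops '/data2/x' from passing for base '/data'.
    """
    real = os.path.realpath(path)
    for base in allowed_dirs:
        base = os.path.realpath(base)
        try:
            if os.path.commonpath([base, real]) == base:
                return True
        except ValueError:      # different drives on Windows
            continue
    return False


def make_sandbox_globals(allowed_dirs):
    """Globals for the untrusted script: no open/import/os, only helpers."""

    def load_file(path):
        if not path_allowed(path, allowed_dirs):
            raise PermissionError("path outside allow-list: %r" % path)
        with open(path) as f:
            return f.read()

    def save_file(path, *parts):
        if not path_allowed(path, allowed_dirs):
            raise PermissionError("path outside allow-list: %r" % path)
        with open(path, "w") as f:
            f.write("".join(str(p) for p in parts))

    def printf(fmt, *args):
        print(fmt % args)

    # Minimal builtins table: __import__, open, getattr, eval are absent.
    safe_builtins = {"len": len, "range": range, "str": str, "int": int,
                     "float": float, "list": list, "dict": dict,
                     "min": min, "max": max, "sum": sum, "abs": abs}
    return {"__builtins__": safe_builtins, "load_file": load_file,
            "save_file": save_file, "printf": printf}


def run_sandboxed(src, allowed_dirs, extra=None):
    """exec untrusted src with the restricted globals; return the globals."""
    env = make_sandbox_globals(allowed_dirs)
    env.update(extra or {})
    exec(src, env)
    return env


# Constructed attacker script.  It needs no builtin name: () -> tuple ->
# object -> object's subclasses; the first pure-Python __init__ found has a
# __globals__ whose "__builtins__" is the real builtins dict.
ESCAPE = """
found = None
for cls in ().__class__.__base__.__subclasses__():
    try:
        imp = cls.__init__.__globals__["__builtins__"]["__import__"]
    except:
        continue     # C-level __init__ or no builtins dict: keep walking
    found = imp("os")
    break
"""


def demo():
    """Benign script, traversal attempt, then the escape.  Returns results."""
    out = {}
    with tempfile.TemporaryDirectory() as base:   # constructed allow-listed dir
        base = os.path.realpath(base)
        with open(os.path.join(base, "hello.txt"), "w") as f:
            f.write("hello from the allowed folder")
        env = run_sandboxed('text = load_file(DATA_DIR + "/hello.txt")',
                            [base], {"DATA_DIR": base})
        out["benign"] = env["text"]
        try:
            run_sandboxed('load_file(DATA_DIR + "/../../etc/passwd")',
                          [base], {"DATA_DIR": base})
            out["traversal_blocked"] = False
        except PermissionError:
            out["traversal_blocked"] = True
        env = run_sandboxed(ESCAPE, [base])
        out["escaped_module"] = env["found"].__name__           # "os"
        out["escape_sees_file"] = "hello.txt" in env["found"].listdir(base)
    return out


if __name__ == "__main__":
    print(demo())
```

The allow-list helper does its job: realpath plus commonpath rejects `..`, symlinked and prefix-collision paths at check time (a symlink swapped in between the check and the open is a separate race this example does not address). The restriction on builtins does not: the script above reaches a full `os` module without ever naming `open`, `__import__` or `getattr`, which is the kind of breadcrumb trail the message refers to. In Lua the same walk is not available because functions do not expose their environment to the script unless the host hands it over, which is why the recipe holds there and not in CPython.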
mikeonenine@web.de
Wed, Jul 9, 2025 7:02 PM

Jordan Brown wrote:

But this is way off topic for this mailing list; please don't continue it.

My fault, haha (mischief).

I should never have asked Sanjeev about Python here.

Next time I get sidetracked, I’ll start a new thread.

There’s an important discussion here about safety that will be effectively hidden for future generations.

Guenther Sohler
Wed, Jul 9, 2025 8:53 PM

I just completed a small Lua example, which yields all the features which
are required to add on top of Python.

  • calls back into open/pythonscad
  • custom types (I still miss type checking for custom types)
  • object oriented programming would be nice, but not checked
  • named function arguments only confirmed, not tested

So probably I can start to make my first Lua code possible by creating a
sphere.
Once the scaffolding is done, is anybody interested in driving this task?

On Wed, Jul 9, 2025 at 3:25 PM jjvbhh via Discuss <
discuss@lists.openscad.org> wrote:

On 09.07.25 at 13:52, Guenther Sohler via Discuss wrote:

Does Lua have named arguments in function calls?

Can be done by passing a table as argument.

somefunction{width=123,height=456,color="blue"}

and is there an easy-to-use embeddable package ?

Embedding Lua in C or C++ is – no, not a one-liner – but in about 30…50
lines, depending on your needs. Argument passing and error catching are
quite simple.

You can find a simple example in
https://github.com/bassklampfe/lua4hydrogen/blob/main/midi2hydrogen-qt/midi2hydrogen-qt.cpp
(in one of my repositories in my personal github account)

Also googling "embedding lua in c++" will give you thousands of hints,
explicit like the above example or also ready-to-use C++ classes.

On the other side it's also simple to map a C++ class to Lua.
Simple example https://github.com/jjvbsag/COMPLEX/blob/master/lcomplex.cpp
(in one of my repositories in my ex-company github account)

Again, google will show you all further examples.

But for me, the best thing in Lua are the dependencies. The plain Lua
interpreter has just got ONE: a working C compiler with stdlib! And Lua is
small.

stat -c%s $(which lua5.1)
194872

stat -c%s $(which python3.10)
5937800

But please let us now stop discussing Lua in this mailing list about
OpenSCAD.
Regards

On Wed, Jul 9, 2025 at 1:00 PM jjvbhh via Discuss <
discuss@lists.openscad.org> wrote:

Hi Folks
I'm not so firm in Python, but I can tell what we did in some embedded
systems to sandbox Lua scripts

Call user script in an environment with

  • removed globals, which have filesystem access: loadfile, dofile,
    module, require
  • removed packages, which have filesystem access: os, io

added supporting functions

load_file(path), save_file(path,...) with path verified to be only in an
allowed list of folders/directories.
printf(...) for formatted output

I don't know if something similar is possible in Python, but we believe in Lua
this is safe.

Regards


OpenSCAD mailing list
To unsubscribe send an email to discuss-leave@lists.openscad.org
