diff options
| author | Daniel Silverstone <dsilvers@digital-scurf.org> | 2012-07-29 12:34:12 +0100 |
|---|---|---|
| committer | Daniel Silverstone <dsilvers@digital-scurf.org> | 2012-07-29 12:34:12 +0100 |
| commit | 7712b97c6ce3d0ccc4260586d7706e29d5e9a77f (patch) | |
| tree | c3677c7740e0f7370c152f2de660ca0b65eb732c /src | |
| parent | 53444511938cc3999729a4c2aa6eccc9a2741ab2 (diff) | |
| download | supple-7712b97c6ce3d0ccc4260586d7706e29d5e9a77f.tar.gz | |
WRAPPER: Initial interpreter wrapper work ready for subprocess sandboxing
Diffstat (limited to 'src')
| -rw-r--r-- | src/wrapper.c | 43 |
1 files changed, 43 insertions, 0 deletions
diff --git a/src/wrapper.c b/src/wrapper.c new file mode 100644 index 0000000..59b8fd5 --- /dev/null +++ b/src/wrapper.c @@ -0,0 +1,43 @@ +/* supple/src/wrapper.c + * + * Sandbox (for) Untrusted Procedure Partitioning (in) Lua Engine - Supple + * + * Wrapper for Lua interpreter to protect and isolate the sandbox code. + * + * Copyright 2012 Daniel Silverstone <dsilvers@digital-scurf.org> + * + * For licence terms, see COPYING + * + */ + +#include <lua.h> +#include <unistd.h> +#include <stdlib.h> +#include <stdio.h> + +char * const sub_argv[] = { + LUA_INTERP_NAME, + "-lsupple", + "-esupple.sandbox.run()", + NULL +}; + +int +main(int argc, char **argv) +{ + /* Perform pre-lua-interpreter initialisation */ +#ifndef TESTING_SUPPLE + unsetenv(LUA_PATH); + unsetenv(LUA_CPATH); +#endif + unsetenv(LUA_INIT); + + /* Now go on to run: + * /path/to/lua -lsupple -esupple.sandbox.run() + */ + if (execv(LUA_INTERP_PATH, sub_argv) == -1) { + perror("execv(" LUA_INTERP_PATH ")"); + } + + return EXIT_FAILURE; +} |