robogg133/packets
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Enhance permission handling in package installation and removal commands; add user management functions for improved security. Now for every time packets will execute lua scripts, it will change process euid to an unprivileged user; Now lua scripts can execute more lua default functions

Browse Source
This commit is contained in:
roboogg133
2025-09-28 21:55:13 -03:00
parent 3591460214
commit 0e8db8b40e
5 changed files with 100 additions and 150 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
internal/utils/lua/lua.go
View File

@@ -28,16 +28,6 @@ func GetSandBox(sandboxdir string) (lua.LState, error) {
L.SetGlobal("path_join", L.NewFunction(Ljoin))
// Packets build functions
build := L.NewTable()
L.SetField(build, "requirements", L.NewFunction(LCompileRequirements))
L.SetField(build, "compile", L.NewFunction(LCompile))
L.SetGlobal("build", build)
osObject.RawSetString("execute", lua.LNil)
osObject.RawSetString("exit", lua.LNil)
osObject.RawSetString("getenv", lua.LNil)
osObject.RawSetString("remove", L.NewFunction(LSafeRemove))
osObject.RawSetString("rename", L.NewFunction(LSafeRename))
@@ -53,7 +43,7 @@ func GetSandBox(sandboxdir string) (lua.LState, error) {
ioObject.RawSetString("stderr", lua.LNil)
ioObject.RawSetString("stdin", lua.LNil)
ioObject.RawSetString("lines", lua.LNil)
ioObject.RawSetString("open", L.NewFunction(LOpen))
//ioObject.RawSetString("open", L.NewFunction(LOpen))
return *L, nil
}