example_sandbox_runner.lua (5839B)
1 -- Example: How to run untrusted code in an OrbitManager sandbox 2 3 local OrbitManager = require("OrbitManager") 4 5 print("=== Sandbox Runner Example ===\n") 6 7 -- Example 1: Running a simple app with limited permissions 8 print("Example 1: Running user code in a sandbox\n") 9 10 local appManifest = [[ 11 return { 12 name = "userapp"; 13 dev = "untrusteddev"; 14 perms = { 15 fs = false, 16 os = false, 17 network = false 18 }; 19 allowedPaths = {}; 20 allowedDomains = {} 21 } 22 ]] 23 24 -- Create the sandbox 25 local orbit, sandbox = OrbitManager.newSandbox(appManifest) 26 print("Created sandbox for 'userapp' by 'untrusteddev'") 27 28 -- Untrusted user code 29 local userCode = [[ 30 -- This code runs in the sandbox 31 local function fibonacci(n) 32 if n <= 1 then return n end 33 return fibonacci(n - 1) + fibonacci(n - 2) 34 end 35 36 local result = {} 37 for i = 1, 10 do 38 table.insert(result, fibonacci(i)) 39 end 40 41 return table.concat(result, ", ") 42 ]] 43 44 print("\nRunning user code...") 45 local chunk, err = load(userCode, "userCode", "t", sandbox) 46 if chunk then 47 local success, result = pcall(chunk) 48 if success then 49 print("✓ Result:", result) 50 else 51 print("✗ Error:", result) 52 end 53 else 54 print("✗ Compile error:", err) 55 end 56 57 print("\n" .. string.rep("-", 60) .. "\n") 58 59 -- Example 2: Running code that tries to do something malicious 60 print("Example 2: Blocking malicious code\n") 61 62 local maliciousCode = [[ 63 -- Try to access the filesystem (should fail) 64 local file = io.open("/etc/passwd", "r") 65 if file then 66 return "SECURITY BREACH: Accessed /etc/passwd" 67 else 68 return "Failed to open file (good!)" 69 end 70 ]] 71 72 print("Running malicious code that tries to access /etc/passwd...") 73 chunk, err = load(maliciousCode, "maliciousCode", "t", sandbox) 74 if chunk then 75 local success, result = pcall(chunk) 76 if success then 77 print("✓ Code ran, result:", result) 78 else 79 print("✓ Security worked! Error:", result) 80 end 81 else 82 print("✗ Compile error:", err) 83 end 84 85 print("\n" .. string.rep("-", 60) .. "\n") 86 87 -- Example 3: App with filesystem access to specific directory 88 print("Example 3: App with limited filesystem access\n") 89 90 local fsAppManifest = [[ 91 return { 92 name = "fileprocessor"; 93 dev = "trusteddev"; 94 perms = { 95 fs = true, 96 os = false, 97 network = false 98 }; 99 allowedPaths = { 100 "/tmp/*" 101 }; 102 allowedDomains = {} 103 } 104 ]] 105 106 local orbit3, sandbox3 = OrbitManager.newSandbox(fsAppManifest) 107 print("Created sandbox with /tmp/* access") 108 109 local fsCode = [[ 110 -- Try to open a file in /tmp (should work) 111 local tmpFile = io.open("/tmp/test.txt", "w") 112 if tmpFile then 113 -- In real scenario, this would write to the file 114 return "SUCCESS: Can access /tmp/test.txt" 115 else 116 return "FAILED: Could not access /tmp/test.txt" 117 end 118 ]] 119 120 print("\nRunning code with /tmp access...") 121 chunk, err = load(fsCode, "fsCode", "t", sandbox3) 122 if chunk then 123 local success, result = pcall(chunk) 124 print((success and "✓" or "✗") .. " " .. tostring(result)) 125 else 126 print("✗ Compile error:", err) 127 end 128 129 -- Now try to access something outside allowed paths 130 local unauthorizedFsCode = [[ 131 -- Try to open a file outside allowed paths (should fail) 132 local file = io.open("/etc/shadow", "r") 133 if file then 134 return "SECURITY BREACH: Accessed /etc/shadow" 135 else 136 return "Correctly blocked" 137 end 138 ]] 139 140 print("Running code trying to access /etc/shadow...") 141 chunk, err = load(unauthorizedFsCode, "unauthorizedFsCode", "t", sandbox3) 142 if chunk then 143 local success, result = pcall(chunk) 144 if not success then 145 print("✓ Access blocked:", result) 146 else 147 print("✗ " .. result) 148 end 149 else 150 print("✗ Compile error:", err) 151 end 152 153 print("\n" .. string.rep("-", 60) .. "\n") 154 155 -- Example 4: Demonstrating the complete app lifecycle 156 print("Example 4: Complete app lifecycle\n") 157 158 local appManifest4 = [[ 159 return { 160 name = "calculator"; 161 dev = "mathdev"; 162 version = "1.0"; 163 perms = { 164 fs = false, 165 os = false, 166 network = false 167 }; 168 allowedPaths = {}; 169 allowedDomains = {} 170 } 171 ]] 172 173 local orbit4, sandbox4 = OrbitManager.newSandbox(appManifest4) 174 local metadata = orbit4:getManifestData() 175 176 print("Loaded app:", metadata.name) 177 print("Developer:", metadata.dev) 178 print("Version:", metadata.version or "N/A") 179 180 -- The app's main code 181 local appCode = [[ 182 -- Simple calculator app 183 local Calculator = {} 184 185 function Calculator.add(a, b) 186 return a + b 187 end 188 189 function Calculator.multiply(a, b) 190 return a * b 191 end 192 193 function Calculator.factorial(n) 194 if n <= 1 then return 1 end 195 return n * Calculator.factorial(n - 1) 196 end 197 198 -- Return the API 199 return Calculator 200 ]] 201 202 print("\nLoading calculator app...") 203 chunk, err = load(appCode, "calculator", "t", sandbox4) 204 if chunk then 205 local success, Calculator = pcall(chunk) 206 if success then 207 print("✓ App loaded successfully") 208 print("\nTesting calculator:") 209 print(" 2 + 3 =", Calculator.add(2, 3)) 210 print(" 4 * 5 =", Calculator.multiply(4, 5)) 211 print(" 5! =", Calculator.factorial(5)) 212 else 213 print("✗ Error:", Calculator) 214 end 215 else 216 print("✗ Compile error:", err) 217 end 218 219 print("\n" .. string.rep("-", 60) .. "\n") 220 print("=== Examples Complete ===") 221 print("\nKey takeaways:") 222 print("1. newSandbox creates a safe environment based on sandboxEnv.lua") 223 print("2. Only whitelisted functions are available to sandboxed code") 224 print("3. Permission-controlled functions (io, os) are wrapped with stubs") 225 print("4. Stubs check manifest permissions before allowing execution") 226 print("5. Filesystem and network access can be restricted to specific paths/domains")