8 replies to this topic

[tom2018]

what would be a simple way to block people from certain directories?

[Orwell]

I don't think that their exists a simple way. /> Best way to do this is overriding some methods of fs api. You could of course look in the programs section, there are some 'OS's that do this.

[kazagistar]

Orwell, on 17 November 2012 - 01:05 PM, said:

I don't think that their exists a simple way. /> Best way to do this is overriding some methods of fs api. You could of course look in the programs section, there are some 'OS's that do this.

Overriding the fs api is likely enough to protect against inexperienced users, but will not protect against the most experienced players. For that, check out this chroot program. Of course, it is from an older version of minecraft, and uses white-listing (as any good sandbox should) so some things might not work and would need to be tweaked to your needs. Good luck!

[tom2018]

wait i know is there a way to act like the original OS but if certain input entered it logs to a /logs and locks account(if not admin)

[Orwell]

Yes, it is possible, by modifying existing functions.
Very easy example:

os.shutdown = function() print("You can't shutdown!") end

That would disable shutdown. Though, you can still access the original shutdown function through '_G.os.shutdown()'.
I made a chroot program myself as well a couple of months ago. /> Safest way is to set a separate environment for a new (custom) shell session. But it's probably still circumventable. (If you made it so shell.exit() still reboots the pc, you could use this ingenious method.)

@Tom2018: This stuff is not so basic anymore, if you really want to do this, I suggest reading some more on how lua works. />

[tom2018]

i know lua well enough its just i dont like 1000 lines of code

[kazagistar]

Orwell, on 17 November 2012 - 02:14 PM, said:

Yes, it is possible, by modifying existing functions.
Very easy example:

os.shutdown = function() print("You can't shutdown!") end

That would disable shutdown. Though, you can still access the original shutdown function through '_G.os.shutdown()'.
I made a chroot program myself as well a couple of months ago. /> Safest way is to set a separate environment for a new (custom) shell session. But it's probably still circumventable. (If you made it so shell.exit() still reboots the pc, you could use this ingenious method.)

@Tom2018: This stuff is not so basic anymore, if you really want to do this, I suggest reading some more on how lua works. />

The sandbox I linked protects against ALL modification of the base system from within the sandbox (last time I checked) as well as a couple of VERY obscure holes, like using "getfenv()" and using the bytecode loading properties of "load()" to inject code with illegal references.

[Orwell]

tom2018, on 17 November 2012 - 02:31 PM, said:

i know lua well enough its just i dont like 1000 lines of code

Sorry, I didn't mean to be offending. I wrongly assumed you asked because you didn't know where to start, while you actually where concerned about a practical approach. />

[Orwell]

kazagistar, on 17 November 2012 - 02:36 PM, said:

Orwell, on 17 November 2012 - 02:14 PM, said:

*snip*

The sandbox I linked protects against ALL modification of the base system from within the sandbox (last time I checked) as well as a couple of VERY obscure holes, like using "getfenv()" and using the bytecode loading properties of "load()" to inject code with illegal references.

Yes, I believe that. /> (I saw the code long time ago) But, still basically setting a separate environment for a program and redefining some system functions does that. (maybe that's what the chroot program does, no idea) I don't know if the link I posted would work against that (it would probably depend on implementation) but I was very impressed by the possibilities of that code.