It's mandatory to specify a few maximum parameters when you're loading the script. From the readme: privs={ time_unit=1, --seconds allowed per call time_total=2, --seconds allowed total memory_unit=4, --kb allowed per call memory_total=8, --kb allowed total maxlength=math.huge, --characters allowed in code } It does some simple accounting to keep the lifetime totals. --Meae On Wed, Dec 17, 2014 at 10:09 AM, steve donovan <steve.j.donovan@xxxxxxxxx> wrote: > > On Wed, Dec 17, 2014 at 5:03 PM, Meae Flowright <scratchnloved@xxxxxxxxx> > wrote: > > By not passing default string operators, most of which aren't safe, to > the > > environment. The sandbox overloads the string type metatable with the > > environment's string table if provided, otherwise it uses an empty table. > > That's the sensible thing to do (e.g Penlight's pretty.load has a > paranoid option) > > Roberto pointed out that one can still cause mayhem with simple string > concatenation: > L = "lol" > L = L..L..L..L..L..L..L > L = L..L..L..L..L..L..L > L = L..L..L..L..L..L..L > .... > > What kinds of space/time contraints can you impose on the running scripts? > >