[Sandboxed Lua] Limit execution time, loop iterations and memory usage

[Sandboxed Lua] Limit execution time, loop iterations and memory usage

moltrecht
Hi!

I'm working on a sandboxed version of Lua which can be called from PHP to allow users to run their own scripts. It's quite safe so far, the only problem is that users may create infinite loops, use all system memory or have their scripts run for a very long time.
Is there any way of solving these problems? A function like set_time_limit() in PHP would be great, or the possibility to overwrite the normal while- and for-loops with a custom implementation that e.g. allows only up to 1000 iterations.
Another issue is the memory problem, how can I be sure the user doesn't create variables over variables and thus spams the system memory?

Thanks for your answers!

Re: [Sandboxed Lua] Limit execution time, loop iterations and memory usage

Patrick Donnelly
On Tue, Jun 8, 2010 at 9:10 AM,  <[hidden email]> wrote:
> Hi!
>
> I'm working on a sandboxed version of Lua which can be called from PHP to allow users to run their own scripts. It's quite safe so far, the only problem is that users may create infinite loops, use all system memory or have their scripts run for a very long time.
> Is there any way of solving these problems? A function like set_time_limit() in PHP would be great, or the possibility to overwrite the normal while- and for-loops with a custom implementation that e.g. allows only up to 1000 iterations.
> Another issue is the memory problem, how can I be sure the user doesn't create variables over variables and thus spams the system memory?

See:

http://lua-users.org/wiki/SandBoxes
http://lua-users.org/lists/lua-l/2010-04/msg00667.html
http://lua-users.org/lists/lua-l/2009-05/msg00373.html

There are many threads on this subject. Google more if those don't
answer all your questions :).

--
- Patrick Donnelly
Re: [Sandboxed Lua] Limit execution time, loop iterations and memory usage

Kurt Nordstrom
Also, look at the debugging hooks in the C API.  http://www.lua.org/manual/5.1/manual.html#lua_Hook

I'd be interested in seeing a good solution to limiting memory over-allocation.

-Kurt


On Tue, Jun 8, 2010 at 8:17 AM, Patrick Donnelly <[hidden email]> wrote:
On Tue, Jun 8, 2010 at 9:10 AM,  <[hidden email]> wrote:
> Hi!
>
> I'm working on a sandboxed version of Lua which can be called from PHP to allow users to run their own scripts. It's quite safe so far, the only problem is that users may create infinite loops, use all system memory or have their scripts run for a very long time.
> Is there any way of solving these problems? A function like set_time_limit() in PHP would be great, or the possibility to overwrite the normal while- and for-loops with a custom implementation that e.g. allows only up to 1000 iterations.
> Another issue is the memory problem, how can I be sure the user doesn't create variables over variables and thus spams the system memory?

See:

http://lua-users.org/wiki/SandBoxes
http://lua-users.org/lists/lua-l/2010-04/msg00667.html
http://lua-users.org/lists/lua-l/2009-05/msg00373.html

There are many threads on this subject. Google more if those don't
answer all your questions :).

--
- Patrick Donnelly



--
http://www.blar.net/kurt/blog/
Re: [Sandboxed Lua] Limit execution time, loop iterations and memory usage

Patrick Donnelly
On Tue, Jun 8, 2010 at 10:30 AM, Kurt Nordstrom
<[hidden email]> wrote:
> Also, look at the debugging hooks in the C API.
> http://www.lua.org/manual/5.1/manual.html#lua_Hook
>
> I'd be interested in seeing a good solution to limiting memory
> over-allocation.

There is a good solution, give Lua an allocator that has a limit on
the amount of memory [1].

[1] http://www.lua.org/manual/5.1/manual.html#lua_Alloc

--
- Patrick Donnelly
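
The memory cap suggested above can be written as an allocator with the `lua_Alloc` signature from the Lua 5.1 manual. This is an added example, not code from the thread or from the Lua distribution; `mem_budget` and `capped_alloc` are hypothetical names, and the block leaves out `lua.h` so it compiles on its own.

```c
#include <stddef.h>
#include <stdlib.h>

/* Budget handed to Lua as the allocator's userdata (ud).
   Hypothetical type for this example. */
typedef struct {
    size_t used;   /* bytes Lua currently holds */
    size_t limit;  /* hard cap in bytes */
} mem_budget;

/* Same signature as lua_Alloc in the Lua 5.1 manual.
   With Lua available: lua_State *L = lua_newstate(capped_alloc, &budget); */
void *capped_alloc(void *ud, void *ptr, size_t osize, size_t nsize)
{
    mem_budget *b = (mem_budget *)ud;
    void *np;

    if (ptr == NULL)
        osize = 0;            /* a fresh block holds nothing yet */

    if (nsize == 0) {         /* free request: must return NULL */
        free(ptr);
        b->used -= osize;
        return NULL;
    }

    /* Refuse growth past the cap; Lua turns the NULL into a memory
       error in the running script. Shrinking is never refused. */
    if (nsize > osize && nsize - osize > b->limit - b->used)
        return NULL;

    np = realloc(ptr, nsize);
    if (np == NULL) {
        if (nsize > osize)
            return NULL;      /* real out-of-memory; old block intact */
        np = ptr;             /* Lua assumes a shrink cannot fail */
    }

    b->used = b->used - osize + nsize;
    return np;
}
```

A script that hits the cap fails with a memory error, which `lua_pcall` reports to the host as `LUA_ERRMEM`.
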
Re: [Sandboxed Lua] Limit execution time, loop iterations and memory usage

moltrecht
Thank you for all your answers, I managed to limit CPU time and memory using the "ulimit" command.
But now there is a performance issue. I ran some tests on the current testing system and found out that launching the Lua parser (from my PHP script) takes around 0.02 seconds, almost exactly the time it takes to calculate the sine 100.000 times. Since the sandboxed Lua is supposed to be run a few times for each PHP site parsed, this may cause serious performance problems (0.02s for interpreter + 0.02s for script = 0.04s, 0.04s * 10 = 0.4s, and this is just the Lua part, without any MySQL or PHP).
Is there any possibility of running the interpreter all the time and just sending it commands which scripts to execute and then stream the output back to my PHP script? This would eliminate the need to start the interpreter again and again.

Your help would really be appreciated,
Lennart Moltrecht

-----Original Message-----
From: "Patrick Donnelly" <[hidden email]>
Sent: Tuesday, 8 June, 2010 16:33
To: "Lua list" <[hidden email]>
Subject: Re: [Sandboxed Lua] Limit execution time, loop iterations and memory usage

On Tue, Jun 8, 2010 at 10:30 AM, Kurt Nordstrom
<[hidden email]> wrote:
> Also, look at the debugging hooks in the C API.
> http://www.lua.org/manual/5.1/manual.html#lua_Hook
>
> I'd be interested in seeing a good solution to limiting memory
> over-allocation.

There is a good solution, give Lua an allocator that has a limit on
the amount of memory [1].

[1] http://www.lua.org/manual/5.1/manual.html#lua_Alloc

--
- Patrick Donnelly


Re: [Sandboxed Lua] Limit execution time, loop iterations and memory usage

Bertrand Mansion
Hi,

In my experiment on http://trylua.mamasam.com I use the Lua extension
for PHP which you can find only in the php SVN because it hasn't been
released yet. This way, PHP can control the resources used by Lua and
in case the values set for max_execution_time or memory_limit are
exceeded, trigger an error which you can catch to display a nice error
message and end the script correctly. If you are proficient in C, this
Lua extension for PHP needs some love I think:

http://svn.php.net/viewvc/pecl/lua/

Then there is my version which is probably all wrong since I am not an expert:
http://svn.php.net/viewvc/pecl/lua/branches/NO_LUA_TABLE/lua.c?r1=283952&r2=283955

----
Bertrand Mansion
Mamasam

On Wed, Jun 9, 2010 at 10:35 AM,  <[hidden email]> wrote:

> Thank you for all your answers, I managed to limit CPU time and memory using the "ulimit" command.
> But now there is a performance issue. I ran some tests on the current testing system and found out that launching the Lua parser (from my PHP script) takes around 0.02 seconds, almost exactly the time it takes to calculate the sine 100.000 times. Since the sandboxed Lua is supposed to be run a few times for each PHP site parsed, this may cause serious performance problems (0.02s for interpreter + 0.02s for script = 0.04s, 0.04s * 10 = 0.4s, and this is just the Lua part, without any MySQL or PHP).
> Is there any possibility of running the interpreter all the time and just sending it commands which scripts to execute and then stream the output back to my PHP script? This would eliminate the need to start the interpreter again and again.
>
> Your help would really be appreciated,
> Lennart Moltrecht
>
> -----Original Message-----
> From: "Patrick Donnelly" <[hidden email]>
> Sent: Tuesday, 8 June, 2010 16:33
> To: "Lua list" <[hidden email]>
> Subject: Re: [Sandboxed Lua] Limit execution time, loop iterations and memory usage
>
> On Tue, Jun 8, 2010 at 10:30 AM, Kurt Nordstrom
> <[hidden email]> wrote:
>> Also, look at the debugging hooks in the C API.
>> http://www.lua.org/manual/5.1/manual.html#lua_Hook
>>
>> I'd be interested in seeing a good solution to limiting memory
>> over-allocation.
>
> There is a good solution, give Lua an allocator that has a limit on
> the amount of memory [1].
>
> [1] http://www.lua.org/manual/5.1/manual.html#lua_Alloc
>
> --
> - Patrick Donnelly
>
>
>



--
Bertrand Mansion
Mamasam
Re: [Sandboxed Lua] Startup time

Edgar Toernig
In reply to this post by moltrecht
[hidden email] wrote:
>
> But now there is a performance issue. I ran some tests on the current
> testing system and found out that launching the Lua parser (from my
> PHP script) takes around 0.02 seconds, almost exactly the time it
> takes to calculate the sine 100.000 times.

Try linking Lua without readline and possibly static.

This line:
 time for i in `seq 1 1000`; do lua -e return; done

takes
 2.0s standard linux build (dynamic, with readline)
 1.4s dynamic without readline
 0.9s static without readline

on an old 3GHz-P4.  0.02s (20s for 1000) looks like a really slow
machine or something strange's going on.

Ciao, ET.
Re: [Sandboxed Lua] Limit execution time, loop iterations and memory usage

Rena
In reply to this post by moltrecht
On Wed, Jun 9, 2010 at 02:35,  <[hidden email]> wrote:

> Thank you for all your answers, I managed to limit CPU time and memory using the "ulimit" command.
> But now there is a performance issue. I ran some tests on the current testing system and found out that launching the Lua parser (from my PHP script) takes around 0.02 seconds, almost exactly the time it takes to calculate the sine 100.000 times. Since the sandboxed Lua is supposed to be run a few times for each PHP site parsed, this may cause serious performance problems (0.02s for interpreter + 0.02s for script = 0.04s, 0.04s * 10 = 0.4s, and this is just the Lua part, without any MySQL or PHP).
> Is there any possibility of running the interpreter all the time and just sending it commands which scripts to execute and then stream the output back to my PHP script? This would eliminate the need to start the interpreter again and again.
>
> Your help would really be appreciated,
> Lennart Moltrecht
>
> -----Original Message-----
> From: "Patrick Donnelly" <[hidden email]>
> Sent: Tuesday, 8 June, 2010 16:33
> To: "Lua list" <[hidden email]>
> Subject: Re: [Sandboxed Lua] Limit execution time, loop iterations and memory usage
>
> On Tue, Jun 8, 2010 at 10:30 AM, Kurt Nordstrom
> <[hidden email]> wrote:
>> Also, look at the debugging hooks in the C API.
>> http://www.lua.org/manual/5.1/manual.html#lua_Hook
>>
>> I'd be interested in seeing a good solution to limiting memory
>> over-allocation.
>
> There is a good solution, give Lua an allocator that has a limit on
> the amount of memory [1].
>
> [1] http://www.lua.org/manual/5.1/manual.html#lua_Alloc
>
> --
> - Patrick Donnelly
>
>
>

You could certainly run your script separately from PHP, in a loop,
and let the two communicate via pipes or sockets.

--
Sent from my toaster.