rhai/doc/src/safety/sandbox.md
2020-09-28 22:14:19 +08:00

1.2 KiB

Sand-Boxing - Block Access to External Data

{{#include ../links.md}}

Rhai is sand-boxed so a script can never read from outside its own environment.

Furthermore, an [Engine] created non-mut cannot mutate any state, including itself (and therefore it is also re-entrant).

It is highly recommended that [Engine]'s be created immutable as much as possible.

let mut engine = Engine::new();

// Use the fluent API to configure an 'Engine'
engine.register_get("field", get_field)
      .register_set("field", set_field)
      .register_fn("do_work", action);

// Then turn it into an immutable instance
let engine = engine;

// 'engine' is immutable...

Using Rhai to Control External Environment

How does a sand-boxed, immutable [Engine] control the external environment? This is necessary in order to use Rhai as a dynamic control layer over a Rust core system.

There are two general patterns, both involving wrapping the external system in a shared, interior-mutated object (e.g. Rc<RefCell<T>>):