Is there any way to avoid this security issue in Lua?

挽巷 2020-12-20 21:14

I was just working on a localizable Lua string solution, when I came up with this hack, problem is I don't know how to avoid getting hacked by it :) So I was wondering if a

6 Answers
  •  北荒 (original poster)
    2020-12-20 21:34

    I am not sure why you have an issue, since you probably already know about sandboxes: you can remove dangerous functions like io.exit, and you can ensure the overridden functions are only those in the global table of the user, i.e. the Lua functions used internally by your application will remain intact.
    In any case, if the hacker can call os.exit directly, the fact he can shoot himself in the foot by supercharging an innocent function he will use later is his problem.
    Besides, it is a problem only if you run user functions on your server, for example: if the hacker destroys his system, again, that's his problem!
    Now, there is also the issue of distributing dangerous code: it is up to you to restrict the power of user scripts. After all, that's what browsers do with JavaScript.
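
The sandbox approach described in the answer above, as an added example that is not part of the original thread: the user script gets its own global table with copies of a few whitelisted libraries, so anything it overrides stays in that table. It assumes Lua 5.2 or later (`load` with an environment argument); `run_untrusted`, `make_env` and the whitelist contents are hypothetical choices.

```lua
-- Added example, not code from the thread. Assumes Lua 5.2+.
-- run_untrusted, make_env and the whitelist below are hypothetical.

-- Shallow-copy a library table so user writes land on the copy,
-- never on the table the host application itself uses.
local function copy(t)
  local c = {}
  for k, v in pairs(t) do c[k] = v end
  return c
end

-- Build a fresh environment per script. Deliberately absent: os, io, debug,
-- load, require, and getmetatable/setmetatable (the string metatable is
-- shared with the host, so user code must not be able to reach it).
local function make_env()
  return {
    print = print, pairs = pairs, ipairs = ipairs, next = next,
    tostring = tostring, tonumber = tonumber, type = type,
    select = select, pcall = pcall, error = error,
    string = copy(string), table = copy(table), math = copy(math),
  }
end

-- Compile the source as text only ("t" rejects precompiled bytecode)
-- with the restricted table as its global environment, then run it protected.
local function run_untrusted(source)
  local chunk, err = load(source, "=user", "t", make_env())
  if not chunk then return false, err end
  return pcall(chunk)
end

-- Constructed sample of a user script: it overrides a library function,
-- uses it, then tries to call os.exit.
local user_script = [[
  string.upper = function(s) return "hijacked" end
  print("inside sandbox:", string.upper("abc"))
  os.exit(1)
]]

local ok, err = run_untrusted(user_script)
print("script finished without error?", ok)
print("error reported to host:", err)
-- The host's own string library is unaffected by the override above.
print("host string.upper:", string.upper("abc"))
```

The override is visible only inside the sandbox, and the `os.exit` call fails because `os` does not exist in the script's environment.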
