Search found 5 matches

by lityge
Mon Apr 20, 2020 3:49 pm
Forum: Won't implement
Topic: Remove the ability to load bytecode through load()
Replies: 17
Views: 5701

Re: Remove the ability to load bytecode through load()

To be honest it took me forever to even get my first attempt at a partial escape working, so I probably won't go back looking for more vectors nor will I verify the fixes. I'll leave that to the more experienced folks. What did your partial escape allow you to do? If you can send me the technica...
by lityge
Mon Apr 20, 2020 10:00 am
Forum: Won't implement
Topic: Remove the ability to load bytecode through load()
Replies: 17
Views: 5701

Re: Remove the ability to load bytecode through load()

I don't know if you are the same person who emailed us a couple of weeks ago ... if so, I guess nobody responded to you (sorry). Would you consider removing the load() function? There is one project in particular, developed by user justrandomgeek, that is counting on load(), so we tried to patch u...
by lityge
Mon Apr 20, 2020 8:53 am
Forum: Won't implement
Topic: Remove the ability to load bytecode through load()
Replies: 17
Views: 5701

Re: Remove the ability to load bytecode through load()

We were working on Factorio 0.17.79-0, which is based on Lua 5.2.1 if I am not mistaken.
We have documented our findings and our attempts in this GitHub repository: https://github.com/gbip/lua_attack
by lityge
Mon Apr 20, 2020 8:22 am
Forum: Won't implement
Topic: Remove the ability to load bytecode through load()
Replies: 17
Views: 5701

Re: Remove the ability to load bytecode through load()

Is there that much use within the modding scene of Factorio of the load() function?
We have been able to create Lua primitives that allow memory read/write at arbitrary addresses within the Factorio address space. Achieving native code execution requires further work, but is definitely possible.
by lityge
Mon Apr 20, 2020 7:44 am
Forum: Won't implement
Topic: Remove the ability to load bytecode through load()
Replies: 17
Views: 5701

Remove the ability to load bytecode through load()

Hello everyone, with a colleague of mine we have spent a few weeks reviewing how securely mods are implemented. We couldn't not take a look at Factorio, since it seems to be so well engineered :D Loading untrusted bytecode is a huge issue in the Lua world, because there used to be a bytecode verifie...
