Maybe I do not understand the issue, but if you use a normal Lua sandbox in which the FFI is not accessible, what is the problem?
For instance:
ffi = require "ffi"
ffi.cdef([[int printf(const char *fmt, ...);]])
function say_hello()
ffi.C.printf("%s", "hello, ");
end
my_user_script = [[
say_hello()
ffi.C.printf("%s\n", "world")
]]
f = loadstring(my_user_script)
print("=== without sandbox ===")
print(pcall(f))
print("=== with sandbox ===")
setfenv(f,{say_hello = say_hello})
print(pcall(f))
This should output:
=== without sandbox ===
hello, world
true
=== with sandbox ===
hello, false [string "say_hello()..."]:2: attempt to index global 'ffi' (a nil value)
Note that you also need to be careful not to leak FFI cdata into the sandbox. There is a paragraph about this in the LuaJIT documentation.