diff --git a/src/lua/init.cc b/src/lua/init.cc
index 33103fcfdce3db8b635c581924ad2bb6441eaa49..2a7c653b2855b0f13ee0961721b45cd45a40e0c2 100644
--- a/src/lua/init.cc
+++ b/src/lua/init.cc
@@ -865,6 +865,8 @@ tarantool_lua_sandbox(struct lua_State *L)
 	 * 1. Some os.* functions (like os.execute, os.exit, etc..)
 	 * 2. require(), since it can be used to provide access to ffi
 	 * or anything else we unset in 1.
+	 * 3. package, because it can be used to invoke require or to get
+	 * any builtin module using package.loaded
 	 */
 	int result = tarantool_lua_dostring(L,
 					    "os.execute = nil\n"
@@ -873,7 +875,9 @@ tarantool_lua_sandbox(struct lua_State *L)
 					    "os.tmpname = nil\n"
 					    "os.remove = nil\n"
 					    "io = nil\n"
-					    "require = nil\n");
+					    "require = nil\n"
+					    "package = nil\n");
+
 	if (result)
 		panic("%s", lua_tostring(L, -1));
 }
diff --git a/test/box/configuration.result b/test/box/configuration.result
index a35e1cdbc4cd38c2d8c006e9af120b2913d47d90..0ae8d3a5fa010c7d0ccc038c6506d5b48399f564 100644
--- a/test/box/configuration.result
+++ b/test/box/configuration.result
@@ -39,11 +39,11 @@ print_config()
   primary_port: 33013
   wal_dir_rescan_delay: 0.1
 ...
-string.gmatch(package.path, '([^;]*)')()
+string.gmatch(package_path, '([^;]*)')()
 ---
 - script_dir/?.lua
 ...
-string.gmatch(package.cpath, '([^;]*)')()
+string.gmatch(package_cpath, '([^;]*)')()
 ---
 - script_dir/?.so
 ...
diff --git a/test/box/configuration.test.py b/test/box/configuration.test.py
index d66bbea7463674a8cd825dafa9a711d6ac6125a7..4e8cb1d47ea40ceb681c8d5e33da6bf9eea0ac29 100644
--- a/test/box/configuration.test.py
+++ b/test/box/configuration.test.py
@@ -29,8 +29,8 @@ server.stop()
 shutil.copy("box/require_init.lua", os.path.join(script_dir_path, "init.lua"))
 shutil.copy("box/require_mod.lua", os.path.join(script_dir_path, "mod.lua"))
 server.deploy("box/tarantool_scriptdir.cfg")
-admin("string.gmatch(package.path, '([^;]*)')()")
-admin("string.gmatch(package.cpath, '([^;]*)')()")
+admin("string.gmatch(package_path, '([^;]*)')()")
+admin("string.gmatch(package_cpath, '([^;]*)')()")
 admin("mod.test(10, 15)")
 
 # restore default server
diff --git a/test/box/lua_sandbox.result b/test/box/lua_sandbox.result
new file mode 100644
index 0000000000000000000000000000000000000000..832fc2c0eacdcf72f610f6ba88873e33244d1ddc
--- /dev/null
+++ b/test/box/lua_sandbox.result
@@ -0,0 +1,40 @@
+--
+-- Test that some built-in functions were disabled by sandbox
+--
+os.execute
+---
+- null
+...
+os.exit
+---
+- null
+...
+os.rename
+---
+- null
+...
+os.tmpname
+---
+- null
+...
+os.remove
+---
+- null
+...
+io
+---
+- null
+...
+require
+---
+- null
+...
+package
+---
+- null
+...
+-- FFI can be mistakenly saved to the global variable by the one of our modules
+ffi
+---
+- null
+...
diff --git a/test/box/lua_sandbox.test.lua b/test/box/lua_sandbox.test.lua
new file mode 100644
index 0000000000000000000000000000000000000000..918436339f685ce93daa4682b82ed373d4b02a6c
--- /dev/null
+++ b/test/box/lua_sandbox.test.lua
@@ -0,0 +1,13 @@
+--
+-- Test that some built-in functions were disabled by sandbox
+--
+os.execute
+os.exit
+os.rename
+os.tmpname
+os.remove
+io
+require
+package
+-- FFI can be mistakenly saved to the global variable by the one of our modules
+ffi
diff --git a/test/box/require_init.lua b/test/box/require_init.lua
index 51e05ffcb382ea824a019fbd36ff6766f3d5ae08..e6f1e2aa1009fdcaf962a5adba44166befd1fa8c 100644
--- a/test/box/require_init.lua
+++ b/test/box/require_init.lua
@@ -1 +1,3 @@
 mod = require("mod")
+package_path = package.path
+package_cpath = package.cpath
\ No newline at end of file