Re: Restricting file access

lua-l archive

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]

Subject: Re: Restricting file access
From: Enrico Colombini <erix@...>
Date: Fri, 13 Jun 2003 20:54:51 +0200

On Friday 13 June 2003 19:35, RLake@oxfam.org.pe wrote:
> I think what he's saying is that someone might *extend* the io library
> in an upwards-compatible way which results in the addition of more
> unsafe methods. For example, I might have an io library which adds
> io.opendir(d); this will not interfere with any code using the
> existing io library, except that the guardian doesn't know to delete
> it.

That's what I meant. I was thinking of a user installing, say, Lua 5.2 with a 
new file function (e.g. the io.opendir you mentioned). The program, having 
been written when io.opendir did not yet exist, could not protect against it 
being called from the 'sandboxed' script.

  Enrico

References:
- RE: Restricting file access, RLake

Prev by Date: Re: python like syntax for lua
Next by Date: Re: python like syntax for lua
Previous by thread: RE: Restricting file access
Next by thread: Re: Restricting file access
Index(es):
- Date
- Thread