[Date Prev][Date Next][Thread Prev][Thread Next]
[Date Index]
[Thread Index]
- Subject: Re: Secure Lua
- From: David Given <dg@...>
- Date: Tue, 22 Nov 2005 00:24:06 +0000
On Tuesday 22 November 2005 00:08, Ashwin Hirschi wrote:
> > * luaopen_debug: Safe?
>
> Eh... well, I'd be careful with this one... For one thing, keep in mind the
> "debug" function will switch to "interactive mode". Unless your game (or
> other host app) has special facilities to deal with this, it's most likely
> not something you want to expose to end users.
Plus, the debug library can do wacky things with local variables, upvalues and
function call stacks, which basically allow you to do a complete end run
around all the sandboxing everyone else is discussing... not fun!
--
+- David Given --McQ-+
| dg@cowlark.com | "The README of fate is a complex program indeed."
| (dg@tao-group.com) | --- Reboot
+- www.cowlark.com --+
Attachment:
pgp1cMYHgaEsM.pgp
Description: PGP signature