lua-l archive



> Another thought... something that occasionally gets discussed on this list
> is the possibility of defining a "data-only" subset of Lua. The idea is
> that we could use Lua as a general data format without running the risk of
> malicious Lua code being executed inside the host program. However, there
> has never been any agreement on exactly which subset of Lua should be used.

If you can restrict yourself to Lua data files containing just a
few table constructors, then prepending "return " to the file (and
separating the constructors with commas) ensures that it cannot execute
malicious code (as long as you do not export any functions that you
consider dangerous).

For other approaches and more discussion on this topic, see

 http://lua-users.org/lists/lua-l/2005-08/msg00689.html
 http://lua-users.org/lists/lua-l/2005-08/msg00639.html
 http://lua-users.org/lists/lua-l/2005-08/msg00592.html
 http://lua-users.org/lists/lua-l/2004-12/msg00016.html
 http://lua-users.org/lists/lua-l/2004-11/msg00497.html
 http://lua-users.org/lists/lua-l/2004-12/msg00000.html

--lhf
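
The approach described in the message above, as an added example that is not part of the original post: a loader that prepends "return " to the data text, runs it in an empty environment so that no functions are exported, and then checks that every returned value is a plain table. The names `load_data`, `is_plain` and `pack`, and the sample strings, are hypothetical and constructed for illustration; the code runs on Lua 5.1 through 5.4.

```lua
-- Added example; load_data, is_plain, pack and the samples are hypothetical.
local function is_plain(v, seen)
  local t = type(v)
  if t == "string" or t == "number" or t == "boolean" then return true end
  if t ~= "table" then return false end        -- function, userdata, thread
  seen = seen or {}
  if seen[v] then return false end             -- no shared or cyclic tables
  seen[v] = true
  for k, x in pairs(v) do
    if not (is_plain(k, seen) and is_plain(x, seen)) then return false end
  end
  return true
end

-- Keep the exact number of results, even if one of them is nil.
local function pack(ok, ...) return ok, select("#", ...), { ... } end

local function load_data(text)
  local src = "return " .. text                -- file: constructors joined by commas
  local env = {}                               -- nothing exported to the file
  local chunk, err
  if setfenv then                              -- Lua 5.1
    chunk, err = loadstring(src, "=data")
    if chunk then setfenv(chunk, env) end
  else                                         -- Lua 5.2+: text chunks only
    chunk, err = load(src, "=data", "t", env)
  end
  if not chunk then return nil, "syntax: " .. err end
  local ok, n, out = pack(pcall(chunk))
  if not ok then return nil, "runtime: " .. tostring(out[1]) end
  for i = 1, n do
    if type(out[i]) ~= "table" or not is_plain(out[i]) then
      return nil, "value " .. i .. " is not plain data"
    end
  end
  return out
end

-- Constructed sample inputs.
local good = '{ name = "alice", roles = { "admin", "dev" } },\n{ name = "bob" }'
local recs = assert(load_data(good))
assert(#recs == 2 and recs[1].roles[2] == "dev")
assert(not load_data('{ a = 1 } x = 2'))               -- statement: syntax error
assert(not load_data('{ a = 1 }, os.getenv("HOME")'))  -- os is nil in env
assert(not load_data('{ f = function() end }'))        -- function value rejected
print("ok")
```

The empty environment limits which globals the file can reach; it does not bound CPU time or memory, so untrusted input still needs a size limit applied by the host.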