[Date Prev][Date Next][Thread Prev][Thread Next]
[Date Index]
[Thread Index]
- Subject: Re: Can module updates ever be made safe?
- From: William Ahern <william@...>
- Date: Fri, 19 Oct 2012 18:41:57 -0700
On Fri, Oct 19, 2012 at 06:19:16PM +0000, Rodriguez, John wrote:
> I was trying to determine if updating a module, while a Lua VM is running,
> can ever be done safely.
My first instinct is to accomplish this with sandboxing. That presumes that
there are discrete and isolated execution contexts, e.g. a web server. You
might use Lua 5.1/LuaJIT function environments or Lua 5.2 _ENV. Or you might
add _G metatables which map thread objects to a read-through namespace,
ensuring each thread sees a consistent set of modules from creation to
termination.
You then make sure that anything that leaks out of the context is safe, i.e.
data not tied to the potentially mutable aspects of the modules.
I actually want to add something like this atop my cqueues asynchronous I/O
project, using a require() replacement which can load modules over DNS and
HTTP from a remote repository. So instead of Ruby gem or Node.js style
modules, you never need explicitly install anything locally. It's
cryptographically verified (from a local signature database) and installed
in few hundred milliseconds, presuming it's not already cached.