Re: Using Lua for config files

lua-l archive

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]

Subject: Re: Using Lua for config files
From: Petite Abeille <petite.abeille@...>
Date: Thu, 19 Dec 2013 20:29:24 +0100

On Dec 19, 2013, at 4:54 PM, Roberto Ierusalimschy <roberto@inf.puc-rio.br> wrote:

> Probably I am being too naive, but I have written a very simple sandbox
> that seems to be enough to ensure a "safe" execution of a script. It
> simply uses debug hooks to control CPU usage, finalizers to control
> memory usage, and a restricted environment (emtpy by default) to control
> what the script can call. It would be nice if other people could
> check it. (It assumes Lua 5.2.)

I suspect wiping out all the metatables would not hurt either:

debug.setmetatable( '', nil )
debug.setmetatable( 1, nil )
debug.setmetatable( function() end, nil )
debug.setmetatable( true, nil )

Don’t want these naughty ("x"):rep(100000000) and assorted other string functions to get out of control somehow.

Follow-Ups:
- Re: Using Lua for config files, steve donovan

References:
- Re: Using Lua for config files, John Hind
- Re: Using Lua for config files, Roberto Ierusalimschy

Prev by Date: Re: Using Lua for config files
Next by Date: Re: Using Lua for config files
Previous by thread: Re: Using Lua for config files
Next by thread: Re: Using Lua for config files
Index(es):
- Date
- Thread