Re: future of bytecode verifier

lua-l archive

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]

Subject: Re: future of bytecode verifier
From: Javier Guerra <javier@...>
Date: Thu, 5 Mar 2009 10:28:45 -0500

On Thu, Mar 5, 2009 at 9:49 AM, John Hind <john.hind@zen.co.uk> wrote:
> Now you really have me confused! Surely most Lua apps accept "arbitrary user
> code"? After all it is a configuration and customisation language and this
> is the whole point. Sure, I guess most such apps do not *expect* to load
> binary files, but as long as they use the same input stream this will remain
> a possible attack vector. The main risk, as long as binary and text files
> use the same input stream, must be that an attacker replaces a Lua source
> file with his own binary file of the same name?

it's quite simple to be 'safe' when loading source code, just restrict
the available functions and (maybe) running time (to stop infinite
loops).  when loading bytecode, OTOH, it's possible to hang the VM
itself.  that's what the verifier tried to avoid.


-- 
Javier

References:
- future of bytecode verifier, Luiz Henrique de Figueiredo
- Re: future of bytecode verifier, Luiz Henrique de Figueiredo
- Re: future of bytecode verifier, Luiz Henrique de Figueiredo
- Re: future of bytecode verifier, Luiz Henrique de Figueiredo

Prev by Date: Re: future of bytecode verifier
Next by Date: Re: future of bytecode verifier
Previous by thread: Re: future of bytecode verifier
Next by thread: Re: future of bytecode verifier
Index(es):
- Date
- Thread