lua-l archive

Search lua-l

This index contains 143,615 documents and 1,774,615 keywords. Last update on 2023-03-09 .

121. Re: lua_newstate vs lua_newthread (score: 2)

Author: Tim Hill <drtimhill@...>

Date: Fri, 26 Jun 2015 02:19:58 -0700

In my experience loading the Lua libraries (luaL_openlibs()) is the most time-consuming part of creating a new Lua state, so we devised a JIT mechanism to amortize this over the lifetime of the Lua

122. lua_newstate vs lua_newthread (score: 2)

Author: Jinhua Luo <luajit.io@...>

Date: Fri, 26 Jun 2015 16:37:01 +0800

Sometimes we need to use the whole lua vm as work unit, e.g. dispatch the work unit among OS threads. However, it's a bit overhead at the lua_newstate and lua_close. Is it feasible to reuse the vm af

123. Re: Simulating Lua states in Lua with only 250 lines of code (score: 2)

Author: "Soni L." <fakedme@...>

Date: Thu, 25 Jun 2015 14:17:51 -0300

You can't get enclosing closures. function f() -- _ENV = _ENV -- redundant because we're making g a global, so we need _ENV function g() (""):doSomething() end -- function has no _ENV end -- good luc

124. Re: Simulating Lua states in Lua with only 250 lines of code (score: 2)

Author: steve donovan <steve.j.donovan@...>

Date: Thu, 25 Jun 2015 08:07:31 +0200

Totally. The Ruby community is much more relaxed about 'monkey patching' - they emphasize the 'patching' whereas we emphasize the 'monkey' ;) It causes big problems in big codebases. I can see the ut

125. Re: Simulating Lua states in Lua with only 250 lines of code (score: 3)

Author: Daurnimator <quae@...>

Date: Wed, 24 Jun 2015 09:46:27 +1000

As I replied on IRC; I think that lexically scoped metatables for the base types are a much better idea. I even coded up a proof of concept: https://gist.github.com/daurnimator/dedd793e6f9b1f8d6b0c (

126. Simulating Lua states in Lua with only 250 lines of code (score: 3)

Author: "Soni L." <fakedme@...>

Date: Mon, 22 Jun 2015 22:51:38 -0300

(Resending because someone said this was sent in HTML-only even tho I have my client set to send as both HTML and plaintext...) https://github.com/SoniEx2/Stuff/blob/master/lua/Sandbox.lua In C you c

127. Simulating Lua states in Lua with only 250 lines of code (score: 3)

Author: "Soni L." <fakedme@...>

Date: Mon, 22 Jun 2015 22:26:26 -0300

https://github.com/SoniEx2/Stuff/blob/master/lua/Sandbox.lua In C you can basically make multiple Lua states that are independent from eachother: they have their own globals (including global metatab

128. Re: metatables for strings? (score: 2)

Author: Andrew Starks <andrew.starks@...>

Date: Sun, 3 May 2015 17:28:19 -0500

Consider [[ ("just string"):hack() ]] to be code from outside. I want prevent it from calling certain methods of string (e.g., string.dump). There is practical application of such a sandbox (in fork

129. Re: getmetatable-esque metamethod [Forked from:] metatables for strings? (score: 2)

Author: Andrew Starks <andrew.starks@...>

Date: Sun, 3 May 2015 17:24:35 -0500

On Sunday, May 3, 2015, Soni L. <fakedme@gmail.com> wrote: On 03/05/15 04:24 PM, Andrew Starks wrote: On Sun, May 3, 2015 at 1:38 PM, Andrew Starks <andrew.starks@trms.com> wrote: <snip/> Can a sandb

130. Re: metatables for strings? (score: 2)

Author: Nagaev Boris <bnagaev@...>

Date: Sun, 3 May 2015 21:48:20 +0000

Consider [[ ("just string"):hack() ]] to be code from outside. I want prevent it from calling certain methods of string (e.g., string.dump). There is practical application of such a sandbox (in forke

131. Re: getmetatable-esque metamethod [Forked from:] metatables for strings? (score: 2)

Author: "Soni L." <fakedme@...>

Date: Sun, 03 May 2015 18:21:15 -0300

On 03/05/15 04:24 PM, Andrew Starks wrote: On Sun, May 3, 2015 at 1:38 PM, Andrew Starks <andrew.starks@trms.com> wrote: <snip/> Can a sandbox isolate added string's methods? Can you provide sandboxi

132. Re: metatables for strings? (score: 2)

Author: Dirk Laurie <dirk.laurie@...>

Date: Sun, 3 May 2015 23:00:39 +0200

2015-05-03 19:40 GMT+02:00 Nagaev Boris <bnagaev@gmail.com>: That's not the way a sandbox operates. A sandbox loads and runs a string containing code from outside. I.e. the author of that code does n

133. Re: metatables for strings? (score: 2)

Author: Dirk Laurie <dirk.laurie@...>

Date: Sun, 3 May 2015 22:48:04 +0200

2015-05-03 20:38 GMT+02:00 Andrew Starks <andrew.starks@trms.com>: Are you seriously proposing that a sandbox execute stuff from the caller's environment? Seriously?

134. Re: metatables for strings? (score: 2)

Author: Rena <hyperhacker@...>

Date: Sun, 3 May 2015 15:35:00 -0400

function sandbox(code) dostring("string.hack = nil; " .. code) end But seriously, if you're worried about that kind of abuse, your sandbox should be replacing the loaded function's "string" table wit

135. getmetatable-esque metamethod [Forked from:] metatables for strings? (score: 2)

Author: Andrew Starks <andrew.starks@...>

Date: Sun, 3 May 2015 14:24:22 -0500

I could not bare to triple post, and this idea is different enough that I'll take the opportunity to fork... sand boxing the string's metamethods is something that would be nice to be able to do, but

136. Re: metatables for strings? (score: 2)

Author: Andrew Starks <andrew.starks@...>

Date: Sun, 3 May 2015 13:38:13 -0500

Can a sandbox isolate added string's methods? Can you provide sandboxing function passing this test: string.hack = function() print("Hacked") end code = [[ ("just string"):hack() ]] sandbox(code) --

137. Re: metatables for strings? (score: 3)

Author: Andrew Starks <andrew.starks@...>

Date: Sun, 3 May 2015 13:30:41 -0500

Can a sandbox isolate added string's methods? Can you provide sandboxing function passing this test: string.hack = function() print("Hacked") end code = [[ ("just string"):hack() ]] sandbox(code) --

138. Re: metatables for strings? (score: 2)

Author: Nagaev Boris <bnagaev@...>

Date: Sun, 3 May 2015 18:26:21 +0000

Can I secure a sandbox by replacing all items of string table before calling sandboxed function and restoring them back afterwards? I'm trying to apply this approach in my sandbox module [1]. Testing

139. Re: metatables for strings? (score: 2)

Author: Nagaev Boris <bnagaev@...>

Date: Sun, 3 May 2015 17:40:46 +0000

Can a sandbox isolate added string's methods? Can you provide sandboxing function passing this test: string.hack = function() print("Hacked") end code = [[ ("just string"):hack() ]] sandbox(code) --

140. Re: Lua 5.3, _ENV and load(). What a mess. (score: 3)

Author: Roberto Ierusalimschy <roberto@...>

Date: Sat, 28 Mar 2015 13:18:27 -0300

I will point out another thing. There is a difference between sandboxing a function and sandboxing a chunk. A function can access the environment through *any* of its upvalues; there is nothing spec