[Date Prev][Date Next][Thread Prev][Thread Next]
[Date Index]
[Thread Index]
- Subject: Re: Lua Syntax as a Wire Format?
- From: Christian Lindig <lindig@...>
- Date: Mon, 25 Mar 2002 09:31:13 -0500
On Mon, Mar 25, 2002 at 11:19:29AM -0300, Roberto Ierusalimschy wrote:
> > The more I think about it, the more I believe Scheme is better suited.
> > The Lua parser allows only a combined parsing and execution which is
> > insecure in an RPC context. In Scheme, read() and eval() allow to
> > transfer code as a data that can be checked before execution.
>
> In Lua 4.1 you can "compile" the code without running it, with
> loadstring/ loadfile. Moreover, you can build a secure environment
> changing the global table to a new one, that does not contain dangerous
> functions (such as writeto and execute). As an extreme case, you can
> use an empty global table, if all you want is to rebuild some data
> structure.
Could you still have a denial of service attack where looping code is
sent to the server? Scheme's advantage is that you can treat code as
data and check it. This gives the designer of the protocol the full
spectrum from data only to full programs. As an intermediate step one
could allow only non-looping code. However, for the simple setup that I
was looking for your approach would be fine.
-- Christian