

SM> I'd vote against it

This is not a problem at all! In Lua you may create a security environment.
For example, in our project we use 'require' function to implement dynamic
libraries:

require "base"
require "io"
require "tk"

entry = tk.entry{}
f = io.openfile("name.txt")
...
and so on...

But at any time we can do:

local r = require
require = nil
dofile("insecure.lua")
require = r

That's all. Nothing to worry about.

SM> This is the approach I've taken with Scriptix.  The only other major
SM> feature I'd like to see in a script language (and which may be overkill
SM> for Lua) is a security priv's system.


And this may be implemented easily:

local r = require

require = function (name)
  if name == "ui" then
    %r(name)
  else
    error("security error!")
  end
end

dofile("insecure.lua")
require = r

So, this is easy too... And you may use tag-methods to implement dynamic
security environments.

This is a great power of Lua.

Sorry for bad English... :(

--Denq
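
The allowlisted-require idea from the message above, as an added example (not part of the original post or the poster's project). It assumes Lua 5.2 or later rather than the Lua 4.0 syntax used in the post, and instead of swapping the global require it hands the script its own environment table, so nothing has to be restored if the script fails; ALLOWED, make_env, run_untrusted and the sample scripts are made up for illustration.

```lua
-- Added example; assumes Lua 5.2+ (load accepts mode and env arguments).
-- ALLOWED, make_env, run_untrusted and both sample scripts are hypothetical.

local ALLOWED = { string = true, math = true }  -- modules the script may require

local function make_env()
  local env = {}
  -- Allowlisted require: any module not listed raises an error.
  env.require = function(name)
    if ALLOWED[name] then
      return require(name)
    end
    -- Level 2 reports the error at the script's call site.
    error("security error: module '" .. tostring(name) .. "' not permitted", 2)
  end
  -- Expose only a few basic functions; no io, os, dofile, load or debug.
  env.print, env.pairs, env.ipairs = print, pairs, ipairs
  env.tostring, env.tonumber, env.type = tostring, tonumber, type
  return env
end

local function run_untrusted(source, chunkname)
  -- Mode "t" rejects precompiled bytecode; the env table replaces the
  -- global table for this chunk only, so host globals are never touched.
  local chunk, err = load(source, chunkname, "t", make_env())
  if not chunk then
    return false, err
  end
  -- pcall keeps a runtime error in the script from reaching the host.
  return pcall(chunk)
end

-- Constructed sample scripts standing in for "insecure.lua".
local ok_script  = [[ local m = require "math"; return m.floor(3.7) ]]
local bad_script = [[ local io = require "io"; return io.open("name.txt") ]]

print(run_untrusted(ok_script, "=ok"))
print(run_untrusted(bad_script, "=bad"))
```

The script receives the host's real module tables, so it can still modify their fields; hand out copies where that matters.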