[Date Prev][Date Next][Thread Prev][Thread Next]
[Date Index]
[Thread Index]
- Subject: Re: WebLua
- From: Thatcher Ulrich <tu@...>
- Date: Fri, 12 Jul 2002 13:59:19 -0400
On Jul 12, 2002 at 01:38 -0400, John Passaniti wrote:
> > N.B. I've currently disabled the "lua" button
> > since there are security issues with running
> > arbitary Lua scripts on the server obviously.
> > I'm currently looking into ways of dealing
> > with this. I'm not a unix expert so any help
> > and thoughts on the matter gratefully
> > received.
>
> Add a block of code that executes prior to the user's code. That code
> would redefine all functions deemed dangerous (all the file-related
> functions) to nil.
Or just don't initialize iolib?
--
Thatcher Ulrich
http://tulrich.com