Re: WebLua

lua-l archive

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]

Subject: Re: WebLua
From: Thatcher Ulrich <tu@...>
Date: Fri, 12 Jul 2002 13:59:19 -0400

On Jul 12, 2002 at 01:38 -0400, John Passaniti wrote:
> > N.B. I've currently disabled the "lua" button
> > since there are security issues with running 
> > arbitary Lua scripts on the server obviously. 
> > I'm currently looking into ways of dealing 
> > with this. I'm not a unix expert so any help 
> > and thoughts on the matter gratefully 
> > received.
> 
> Add a block of code that executes prior to the user's code.  That code
> would redefine all functions deemed dangerous (all the file-related
> functions) to nil.  

Or just don't initialize iolib?

-- 
Thatcher Ulrich
http://tulrich.com

Follow-Ups:
- Re: WebLua, Björn De Meyer

References:
- WebLua, Nick Trout
- RE: WebLua, John Passaniti

Prev by Date: RE: WebLua
Next by Date: Re: WebLua
Previous by thread: RE: WebLua
Next by thread: Re: WebLua
Index(es):
- Date
- Thread