[Date Prev][Date Next][Thread Prev][Thread Next]
- Subject: Re: WebLua
- From: Björn De Meyer <bjorn.demeyer@...>
- Date: Mon, 15 Jul 2002 19:34:52 +0200
Nick Trout wrote:
> Thanks for the feedback wrt to WebLua. lhf gave me a hand and we came to a
> similar solution to ones put forward. I've ulimited memory and script
> execution time (to 1 second). All file and system scripts return an error if
> used. Hope thats all the holes plugged.
Oops! I retract my previous message!
There's still a bit of a hole left!
Run using lua generates:
You shouldn't run the lua interpreter as root.
And you'd best disable getenv as well as it might
be used to sniff your system. Unless you've set up
a bogus environment for the weblua executable,
"No one knows true heroes, for they speak not of their greatness." --
Björn De Meyer