lua-users home
lua-l archive

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]

Joshua Jensen wrote:
> That's all well and good, but it now requires me to know the size of the
> stack the incoming Lua script uses, so I won't crash the application.

I had not yet noticed this problem, but I basically agree 
with Joshua Jensen here.  From the C side it's almost impossible 
to predict what the required stack size should be on 
many different occasions. Yes, we could check the stack 
ourselves every other time, but that is really a pain. 
It may be more performant or consistent not to perform stack 
checking, but it is by no means safe nor secure. 

Lua allows you to make a safe sandbox for external scripts by  
allowing you to make certain functions unavailable. If, however, 
the scripts can crash the program by performing some deep recursive 
operations, then they will be able to crash the Lua application,
leading to possible DOS problems. The sandbox has become a sand sieve. 

As a compromise, the autogrowing stack would be a feature that could be 
turned on and off. Off for performance, on (by default) for security. 
Or maybe a C callback function that is called whenever the stack is 
in risk of overflowing. 

"No one knows true heroes, for they speak not of their greatness." -- 
Daniel Remar.
Björn De Meyer