[Date Prev][Date Next][Thread Prev][Thread Next]
- Subject: RE: One time scripts
- From: virgil@... (Virgil Smith)
- Date: Wed, 22 Oct 2003 10:02:22 -0500
Gee there's another security related question. I hope those with more time
and knowledge than I are considering these issues when cooking up Lua 6
(hint, hint :).
If you are simply failing to recognize all of the globals added by the
script then the Lua 5 specific solution would be to set the environment
table of the script (an excellent security related Lua 5 addition, that
still seems to need to be a bit stronger/simpler).
However, for a Lua4/5 solution (in the same vein with environments), set a
__newindex metamethod (tag method by Lua4 terms/interfaces) on the globals
table and redirect additions to a different table, and set a __index
meta/tag method to look up these new additions. Oops, sorry, the Lua4
method would be to use the "setglobal" and "getglobal" tag methods, not the
When you are done with the script, undo the meta/tag method and set the
"different table" to nil.
[mailto:email@example.com]On Behalf Of Leigh McRae
Sent: Wednesday, October 22, 2003 9:06 AM
To: Lua list
Subject: One time scripts
Using lua 4.01 and only one Lua_State, does anyone know how to make a lua
script be a one time only? I have some config files I use lua for and I can
set any of the tables in the script to nil but I still have the code around.
I need a way to kick everything out that the file had.
Rockstar Games Toronto