[Date Prev][Date Next][Thread Prev][Thread Next]
[Date Index]
[Thread Index]
- Subject: Re: os.execute is scary;
- From: Paul Smith <paullocal@...>
- Date: Wed, 28 Jan 2004 17:37:06 +0000
At 17:15 28/01/2004, you wrote:
Almost all of the code is written purely in terms of the standard library
(one or two routines use standard Unix command-line utilities via
os.execute).
os.execute and io.popen are scary functions. When using them, you have to
be very certain about the contents of the strings being passed in. I'm
going to
Whilst on that topic (or not), I thought I'd just mention what we've done here.
We've modified the standard functions so that 'os.execute', 'os.popen' and
some other things (eg os.open etc) are classed as 'sensitive' functions.
A lua script can call a function 'io.enablesecurity("password")' which will
disable all these functions, until 'io.disablesecurity("password")' is called.
This is because, if we make lua scripting available to users, we want to be
able to turn off these functions, so we can call our own script first which
sets security and then calls the user script.
I actually think this would be quite a nice feature in the 'normal' lua
release as it doesn't affect anything unless you use the
'io.enablesecurity' function to disable the functions, but it gives you
that flexibility. The extra security checking does slow things down a bit
(obviously), but since it's only on os type functions, they're pretty slow
anyway ;-)
Paul VPOP3 - Internet Email Server/Gateway
support@pscs.co.uk http://www.pscs.co.uk/
