Re: os.execute is scary;

lua-l archive

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]

Subject: Re: os.execute is scary;
From: Reuben Thomas <rrt@...>
Date: Wed, 28 Jan 2004 22:16:15 +0100 (CET)

> We've modified the standard functions so that 'os.execute', 'os.popen' and
> some other things (eg os.open etc) are classed as 'sensitive' functions.
>
> A lua script can call a function 'io.enablesecurity("password")' which will
> disable all these functions, until 'io.disablesecurity("password")' is called.

What's the problem with simply executing user scripts in a different
global environment? The existing facilities are geared to doing exactly
this.

-- 
http://www.mupsych.org/~rrt/ | golf, n.  a good walk spoiled (Twain)

References:
- [ANNOUNCE] lua stdlibs release: now Lua 5 compatible, Reuben Thomas
- os.execute is scary; Jay rants about strings again (was Re: [ANNOUNCE] lua stdlibs release: now Lua 5 compatible), Jay Carlson
- Re: os.execute is scary;, Paul Smith

Prev by Date: Re: os.execute is scary; Jay rants about strings again (was Re: [ANNOUNCE] lua stdlibs release: now Lua 5 compatible)
Next by Date: RE: Bugs.. ? (was: Re: Lua-users standard libraries project: anyone game?)
Previous by thread: Re: os.execute is scary;
Next by thread: Re: os.execute is scary; Jay rants about strings again (was Re: [ANNOUNCE] lua stdlibs release: now Lua 5 compatible)
Index(es):
- Date
- Thread