lua-users home
lua-l archive

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]


Mike Pall wrote:

> Ok, setmetatable() does not work on userdata objects. But you can change
> the contents of the metatable itself:
>
> u = any_userdata_constructor()
> getmetatable(u).__gc = nil      -- Ouch!
> u = nil
> collectgarbage()
>
> This will lead to resource depletion in the best case (e.g. lost file
> handles) and to memory corruption in the worst case (there may be
> dangling backreferences to userdata memory).
>
> The current approach is *not* safe unless you deny the sandbox access to
> getmetatable() or use a wrapper. But then you might as well protect
> setmetatable(), too. I think the setmetatable() pseudo-safeguard provides
> a false sense of security.
>

But you can protect the real metatable from user by setting
the __metatable field in it. The protection mechanism
seems ok to me.


        Eero