[Date Prev][Date Next][Thread Prev][Thread Next]
- Subject: Re: Turing-incomplete Lua?
- From: David Given <dg@...>
- Date: Wed, 1 Dec 2004 12:02:07 +0000
On Wednesday 01 December 2004 01:07, Asko Kauppi wrote:
> Imho, this is not a question of Turing-to-or-not but of proper
> sandboxing, right? I mean, if there's absolutely no way the program
> can contact outside world (read files etc.) then what harm could
> turingness possibly do?
If your applications just want to deal with static configuration files, i.e.
the configuration won't change each time it's run, then you could plausibly
do everything in two stages: you write your configuration in a Lua script,
which is then executed by a preprocessor that emits the data in a binary,
easy-to-parse format which is used by your applications.
This way any problems with the configuration files will be detected *before*
the configuration goes live. So you don't end up with, say, your mail setup
locking solid because /etc/exim.lua has an infinite loop in it.
It would also be fairly simple to arrange things so that the script was
executed as an unpriviledged user, rather than root, too, which would improve
+- David Given --McQ-+
| email@example.com | "I have a mind like a steel trap. It's rusty and
| (firstname.lastname@example.org) | full of dead mice." --- Anonymous, on rasfc
+- www.cowlark.com --+