lua-users home
lua-l archive

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]

Incidentally, is this for a particular application? Off the top of my head, I can't think of anything that would use an untrusted config file.
An example would be sharing snippets of your emacs initialization file with
other people -- you see a lot of these floating around on the web, and some of
them are hundreds, or even thousands, of lines of Lisp code. It's not just
an issue of trust, it's also an issue of verifiability and reliability. For
instance, I don't want to make a change to my own sendmail config file that
would, without my intending it, cause sendmail to go into an infinite loop
under certain obscure conditions. I think your Quake example is also very
Sorry to be a wet blanket, but I'm still having difficulty getting my head around the concept of untrusted config files:

1) People have been passing binaries and snippets of code around in the internet for a while now and that seems to work ok. I'd guess that people would be just as suspicious of config files from an untrusted source as they would executables. I certainly am. 2) Malicious config files can often render the host application unusable anyway. I'm not very familiar with sendmail, but couldn't a malicious config file do some pretty unpleasant stuff? At least hanging is an immediately obvious symptom that something's wrong,

Could someone set me straight please?