lua-users home
lua-l archive

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]

Alain wrote:
He I come to explain myselt again: I don't want sandboxing. I want a program that allow be to test if the user is using lua functions *other*than*the*ones*I*allow*him*to*use* not even what most lua programers consider *normal* to a lua program.

For this I believe I need something called a lexical analyser, so that I can allow only a sunset of normal LUA syntax.

I think what you're basically being told is that the way
you're asking to do this isn't really the way you want to
do it.  You can't reliably guarantee through simply lexical
analysis that the user is only calling functions that you
intend her to call.

boopy = "tem"
os["sys"..boopy]("rm -rf /")

goodfunction = evilfunction

evilfunction = goodfunction


Yes, if you really want to lex lua you can use one of the
lua lexers/tokenisers, but you'd have to accept that the
results are going to be fairly deeply unreliable, unlike
the runtime sandboxing.

Adam D. Moss   -