Re: Simple Lua for scripts

lua-l archive

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]

Subject: Re: Simple Lua for scripts
From: "Adam D. Moss" <adam@...>
Date: Mon, 22 Aug 2005 23:34:34 +0100

Alain wrote:

He I come to explain myselt again: I don't want sandboxing. I want aprogram that allow be to test if the user is using lua functions*other*than*the*ones*I*allow*him*to*use* not even what most luaprogramers consider *normal* to a lua program.
For this I believe I need something called a lexical analyser, so that Ican allow only a sunset of normal LUA syntax.


I think what you're basically being told is that the way
you're asking to do this isn't really the way you want to
do it.  You can't reliably guarantee through simply lexical
analysis that the user is only calling functions that you
intend her to call.

boopy = "tem"
os["sys"..boopy]("rm -rf /")

goodfunction = evilfunction
goodfunction()

evilfunction = goodfunction
evilfunction()

etc.

Yes, if you really want to lex lua you can use one of the
lua lexers/tokenisers, but you'd have to accept that the
results are going to be fairly deeply unreliable, unlike
the runtime sandboxing.

--adam
--
Adam D. Moss   -   adam@gimp.org

Follow-Ups:
- Re: Simple Lua for scripts, Alain

References:
- Pentium 4 and misaligned doubles, Rici Lake
- Simple Lua for scripts, Alain
- Re: Simple Lua for scripts, Aaron Brown
- Re: Simple Lua for scripts, Ben Sunshine-Hill
- Re: Simple Lua for scripts, Alain
- Re: Simple Lua for scripts, Ben Sunshine-Hill
- Re: Simple Lua for scripts, Alain

Prev by Date: Re: Simple Lua for scripts
Next by Date: Re: Simple Lua for scripts
Previous by thread: Re: Simple Lua for scripts
Next by thread: Re: Simple Lua for scripts
Index(es):
- Date
- Thread