[Date Prev][Date Next][Thread Prev][Thread Next]
[Date Index]
[Thread Index]
- Subject: Re: Simple Lua for scripts
- From: Benno <benjl@...>
- Date: Tue, 23 Aug 2005 22:09:13 +1000
On Tue Aug 23, 2005 at 12:41:36 +0100, Jamie Webb wrote:
>On Mon, Aug 22, 2005 at 10:58:25PM -0300, Alain wrote:
>> That is ok and most of the time works. Users most of the time have a way
>> of transforming a situation, and then is when I don't trust them.
>>
>> If a user can say: "The specs say it is Lua code, this is Lua code so it
>> should work for you too". That is when they get most agressive. When I
>> can say that it isn *not* lua, but something with special limitation and
>> if I can enforce such limitations, then I *can*trust* the users because
>> they have no ground for argueing.
>>
>> In the last years, I learned some interesting things about users: if
>> they thing that they will get away with it, they will try to break it.
>> If they feel that you can catch them (audit logs, video recordings) then
>> they don't even try.
>
>So, replace all the 'dangerous' functions with:
>
>function os.execute()
> emailSysAdmin()
> print [[
>This function is disabled. You are very bad for trying to use it. The
>system administrator has been notified. Big brother is watching.
>]]
>end
>
>If you run Lua with a sandbox, it /is/ a restricted version and you
>/can/ enforce that. And you /can/ tell your users it's a restricted
>version. Why are you so convinced that sandboxing won't do what you
>want?
Everyone here seem to be missing what the OP wants, which is that they
want to change the *syntax* of Lua, not the functions a user can
access.[*]
So, for example the probably don't want them defining function, or using
loops.
Of course, I agree with the other replies that this probably isn't something
that can easily be done in Lua.
Cheers,
Benno
[*] Disclaimer: I could of course be wrong, but that was the impression I got
when reading the original posts.
