lua-users home
lua-l archive

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]

The CTM book p.203ff (online version reachable from Wikipedia p.207ff)


defines secure values, i.e. data structures inaccessible without knowing a special key. The goal is to create secure abstract data types (stacks, etc.) that protect suitable parts of their internal representations (e.g. revealing only access methods).

The CTM proposal has two parts. NewName is an operation that creates a unique name that cannot be printed or typed in. Chunks are limited records with only the selection operator '.' available.

Now chunks created with such a unique name as selection key can only be accessed if you know the key, otherwise throwing an error (and not revealing the key).

IMHO the whole CTM approach focussing on minimal extensions to a kernel language is very compatible with Lua's philosophy, so I wondered if this particular idea could be borrowed.

My question therefore to the list: how would one go about replicating this in (extended?) Lua, perhaps first for tables?

My initial thoughts were to use a metatable approach with a new write-only field mt.__secure (or perhaps __protected) guarding R/W access to protected entries of main table t. mt.__secure would hold the key k to unlock t[k] (perhaps generalized to a table of such keys k_i).
A new builtin name() generates fresh keys.

Rawget on t[k] must be impossible if protection is enabled. Perhaps type(k) == "name" and print(k) == "name:suppressed" or similar. No table-walking with next/(i)pairs etc. can discover k.

This is just to get the discussion started, ideas and feedback welcome!