[Date Prev][Date Next][Thread Prev][Thread Next]
[Date Index]
[Thread Index]
- Subject: Re: future of bytecode verifier
- From: rui <ruivaldo@...>
- Date: Wed, 4 Mar 2009 18:21:09 -0300
I guess the point is: Why have a verifier if it is flawed ?
I´m quite new here, so sorry for the intrusion, but i vote to be
removed. Less code, better to Lua :).
rui.
On Wed, Mar 4, 2009 at 5:36 PM, Alexander Gladysh <agladysh@gmail.com> wrote:
> On Wed, Mar 4, 2009 at 9:58 PM, Luiz Henrique de Figueiredo
> <lhf@tecgraf.puc-rio.br> wrote:
>> Following several bytecode exploits found by the relentless Peter Cawley
>> and others, we are considering dropping the bytecode verifier completely in
>> Lua 5.2. It seems useless to make a promise that we can't seem to deliver
>> without a much more complicated verifier than the current one, and possibly
>> with the need for costly runtime checks as well.
>
> I agree.
>
>> Our impression is that applications that are open to running arbitrary Lua
>> code provided by the user should avoid accepting precompiled scripts. So we
>> think that adding a flag to load (the Lua function from the base library)
>> to check for and reject precompiled scripts is enough for Lua-based apps
>> to be able to reject precompiled scripts if they want to. We don't think
>> anything else is needed in the C side, since you can always write you own
>> lua_Reader function to reject precompiled scripts.
>
> Perhaps a luaL_* convenience function?
>
> Alexander.
>
