[Date Prev][Date Next][Thread Prev][Thread Next]
- Subject: Re: future of bytecode verifier
- From: Dirk Feytons <dirk.feytons@...>
- Date: Thu, 5 Mar 2009 15:34:58 +0100
On Thu, Mar 5, 2009 at 3:07 PM, Luiz Henrique de Figueiredo
>> You are suggesting that lua_load is still there but is administratively
>> deprecated and new code is encouraged to use a new function, luaL_load
>> instead? So luaL_loadbuffer, luaL_loadfile and luaL_loadstring would all
>> require the extra "nobinary" flag as well?
> No, only those apps that accept arbitrary user code. Those would use luaL_load
> if they want to avoid running user code in binary. Existing apps that run
> binary code from known, safe sources, such as their installation directories,
> don't have to change anything. We expect those are the majority of the apps.
> But perhaps our perception of what apps are out there is wrong.
Somewhat related question: could an option be added to luaconf.h to
select whether loading precompiled scripts is supported (and if not,
the undump code is not compiled at all)?