Re: future of bytecode verifier

lua-l archive

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]

Subject: Re: future of bytecode verifier
From: Olivier Galibert <galibert@...>
Date: Thu, 5 Mar 2009 18:17:17 +0100

On Thu, Mar 05, 2009 at 11:44:26AM -0500, Evan DeMond wrote:
> Sorry, I think I misunderstood you a bit, ignore my last comment there. You
> meant that something embedding Lua will run at the same level of security as
> the host application, correct?

Essentially yes.  Security only enters the picture when the lua code
comes from somewhere you don't control or when the embeeding
application has elevated priviledges w.r.t what you normally have.
These cases exist (lua bots, game scripts sent to other clients or
servers...), but they're rare.

  OG.

References:
- Re: future of bytecode verifier, Olivier Galibert
- Re: future of bytecode verifier, Evan DeMond
- Re: future of bytecode verifier, Evan DeMond

Prev by Date: Re: future of bytecode verifier
Next by Date: Re: future of bytecode verifier
Previous by thread: Re: future of bytecode verifier
Next by thread: Garbage collection in context of C++ and toLua
Index(es):
- Date
- Thread