[Date Prev][Date Next][Thread Prev][Thread Next]
- Subject: Re: [ANN] Lua C(omplete) Sandbox
- From: Patrick Donnelly <batrick@...>
- Date: Sat, 23 May 2009 08:41:52 -0600
On Sat, May 23, 2009 at 8:02 AM, Peter Cawley <firstname.lastname@example.org> wrote:
> Then the sandbox should contain a modified string.find function which
> invokes its own debug hook (or similar).
Debug hooks are not sufficient in an environment that contains most of
the Lua standard library. I built this sandbox to allow the debug
library (not debug.debug or debug.getregistry) and loadstring (which
can be used, as you know, to cause segmentation faults or similar).
For these reasons, an external process makes sense. The use of debug
hooks, to prevent the process from executing too long, does not. It
would require extensive replacement of the Lua standard library which
clearly would lead to nothing but bloat and inflexibility. There are
other, simpler mechanisms available to accomplish the same thing.
Further, there may be libraries the host wishes to allow (such as
lpeg*) that possibly contain similar avenues for an infinite loop.
Replacing library functions in this way would prove very inflexible;
no one would want to use it.
* I don't know that lpeg is capable of infinite loops, but I believe it is.
"Let all men know thee, but no man know thee thoroughly: Men freely
ford that see the shallows."
- Benjamin Franklin