On 2010-01-12, Roberto Ierusalimschy <roberto@inf.puc-rio.br> wrote:
> > Proxy tables would bring in dynamic scoping through a back door. Also
> > proxy tables do not provide the same degree of isolation and
> > compartmentalization as fenv.
>
> Can you explain? I mean, what are the differences between proxy tables
> and setfenv in those respects?
>
> -- Roberto

Correct me if I am wrong: in proxy tables, for a key "foo",
__index/__newindex are relevant only if the table does not already
have the key "foo". A chunk can do the following to mess everything
up for all future invocations of the chunk within other "compartments":

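--code inside the chunk:
-- save the proxy's metatable and its current hooks
local mt_saved = getmetatable(_G)
local __index_saved = mt_saved.__index
local __newindex_saved = mt_saved.__newindex
-- with both hooks removed, the next global write is a raw set on the proxy itself
mt_saved.__index = nil
mt_saved.__newindex = nil

foo = "malicious devil's code goes here"

-- put the hooks back; "foo" now exists as a raw key in the proxy
mt_saved.__index = __index_saved
mt_saved.__newindex = __newindex_saved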

Please note that here one cannot use the __metatable trick to disable
access to the metatable. The ability to update __index/__newindex is
needed to set up the proxy table for calling the chunk in other
compartments.

For all the subsequent invocations of the proxy, the malicious "foo" would
be used in place of the definition in __index.

I think that fenv provides a cleaner isolation.

--Leo--
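
The scenario from the message above, as an added example that is not part of the original post: one shared proxy table next to one environment table per compartment, with a host-side check that the proxy holds no raw keys. It targets Lua 5.1 (loadstring/setfenv); run_in_proxy, run_in_fenv, proxy_is_clean and the sample chunk are hypothetical names, and design B assumes the host exposes no getmetatable to the chunk.

```lua
-- Added example for Lua 5.1 (uses loadstring/setfenv); every name is hypothetical.
local chunk_src = [[
  local mt = getmetatable and getmetatable(_G)
  if mt then                        -- same steps as in the message above
    local i, n = mt.__index, mt.__newindex
    mt.__index, mt.__newindex = nil, nil
    foo = "planted"
    mt.__index, mt.__newindex = i, n
  else
    foo = "planted"                 -- no metatable in reach: plain global write
  end
]]
local probe_src = "return foo"

-- Design A: one shared proxy; the host repoints __index/__newindex per call.
-- Assumption: setfenv is used here only to install the proxy as the chunk's
-- global table without touching the real _G of the host.
local proxy, mt = {}, {}
setmetatable(proxy, mt)
local function run_in_proxy(src, compartment)
  compartment._G, compartment.getmetatable = proxy, getmetatable
  mt.__index, mt.__newindex = compartment, compartment
  return setfenv(assert(loadstring(src)), proxy)()
end
-- Host-side check: the proxy must never hold raw keys of its own.
local function proxy_is_clean() return next(proxy) == nil end

-- Design B: each compartment is its own environment table; nothing is shared.
local function run_in_fenv(src, compartment)
  return setfenv(assert(loadstring(src)), compartment)()
end

local a1, a2 = { foo = "clean" }, { foo = "clean" }
run_in_proxy(chunk_src, a1)
print("proxy, compartment 2 sees:", run_in_proxy(probe_src, a2))
print("proxy still clean:", proxy_is_clean())

local b1, b2 = { foo = "clean" }, { foo = "clean" }
run_in_fenv(chunk_src, b1)
print("fenv,  compartment 2 sees:", run_in_fenv(probe_src, b2))
```

A host that keeps the proxy design can call proxy_is_clean() after every chunk and discard the proxy when it returns false.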