[Date Prev][Date Next][Thread Prev][Thread Next]
[Date Index]
[Thread Index]
- Subject: Re: The problem with stack-based environments...
- From: joao lobato <btnfdp.lobato@...>
- Date: Sun, 31 Jan 2010 19:35:20 +0000
Lua provides mechanisms, you write the modules.
Couldn't you wrap every method of your plugin such that
plugin:method()
would actually do
local results
local table = table
in sandbox do
results = table.pack(plugin:method())
end
return table.unpack(results,1,results.n)
(using proxy tables with __index functions)?
On 1/31/10, Mark Hamburg <mark@grubmah.com> wrote:
> As the primary proponent of stack-based-environments -- though I will
> identify myself less as a proponent and more as someone who has tried get
> clarity around what in-do-end seems to be implying (as opposed to what it
> actually does) -- I need to call out the biggest problem that's occurred to
> me with them:
>
> While sandboxing itself is easy:
>
> in sandbox do
> sandboxed_function()
> end
>
> If the sandbox generates an object or a callback for later use:
>
> local plugin
> in sandbox do
> plugin = plugin_loader()
> end
>
> We need to decide what to do when we later invoke a method on the object or
> invoke the callback. A straight call as in:
>
> plugin:method()
>
> will not get sandboxed. We can certainly wrap it up in an appropriate
> sandboxing construct, but that's going to be a pain to remember to do and
> its going to be awkward in places where we want to work with the results of
> the method call since in-do-end is not an expression.
>
> Furthermore, we may not want it always wrapped. If we are exploiting the
> stack-based environments for i/o redirection, for example -- a standard use
> case -- then we probably want that redirection preserved into the method
> call.
>
> I don't have a proposed resolution at this time that would resolve this
> tension.
>
> Mark
>
>
