[Date Prev][Date Next][Thread Prev][Thread Next]
- Subject: Re: LuaJIT FFI __gc metamethod?
- From: Mike Pall <mikelu-1102@...>
- Date: Mon, 28 Feb 2011 23:54:42 +0100
Josh Haberman wrote:
> [...] but AFAIK Lua (without FFI) can be sufficiently sandboxed
> such that a ptrace sandbox is not necessary.
Maybe for an extremly restricted subset of Lua and if you
relentlessly scrutinize every single interface function you offer
to the untrusted code.
Others have repeatedly failed to keep their sandboxes sealed. See
Java, see Flash, see Acrobat. And they had 15 years of time to get
it right. Why do you believe you can do better?