lua-users home
lua-l archive

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]

Vladimir Protasov <> writes:
> I've checked out hashing in Lua source code and see now. 
> I think, there should be configure option to use hashing of full
> string instead of small part of it. And it should be enabled by
> default.

Er, I don't think it should be enabled by default...

Lua is used in many "user facing" applications, but I'll bet 99% of
these are under absolutely no threat from a "DOS attack" (there's no
point to a user DOS'ing only himself after all)...

This sort of attack is only an issue in a very narrow range of
applications, and the people developing those applications need to be
aware of the issue.  They can enable the feature.


gravity a demanding master ... soft soft snow