lua-users home
lua-l archive

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]

On Fri, May 11, 2012 at 12:51:24PM -0700, Graham Wakefield wrote:
> Even if no yield/resume is used, since session_data encapsulates some data which are external to Lua, its contents could have been modified between any two ordinary Lua instructions; session_data:handle_login() should be implemented to throw an error if the session_data contents have become invalid. The same applies to a callback-based system; the session_data object still needs to be checked for consistency whenever it is used. 
> Where the implicit coroutine yield approach can be problematic is when the
> user expects a non-local pure Lua object to contain the same values before
> and after this:log(). It can be a big gotcha, but the clarity of
> exposition and preservation of the stack might be worth it.

I think this issue is overblown. But one way to address it is to redirect
all global lookups through an emphemeron table indexed by the coroutine
itself. This works well for situations where you just want simple requests
to execute in a relatively isolated environment (e.g. an HTTP or SMTP
server). It's just basic sandboxing, really.