lua-users home
lua-l archive

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]

On Mon, Feb 18, 2013 at 10:45 PM, Duncan Cross <> wrote:
On Sun, Feb 17, 2013 at 12:09 PM, marbux <> wrote:
> Was just looking at the MediaWiki developers progress on integration
> of Lua 5.1. They've generated a fair bit of documentation on their
> progress, changes they made in Lua, etc.

Very interesting. I notice that coroutine functions are not available,
because "No application is known for us, so it has not been reviewed
for security." This seems like a great shame to me, coroutines can be
very useful for iterators and all sorts of things, I consider them one
of the best things about Lua. I admit I have no idea about potential
security concerns though - are there are commonly known ones with
regard to coroutines?

Part of security in our case is performance and resource usage; we'd need to make sure someone can't somehow abuse coroutines to bypass the CPU or memory limits in our sandbox.

If you have a compelling use case for coroutines in the context of MediaWiki and Scribunto, let us know.

Brad Jorsch
Software Engineer
Wikimedia Foundation