lua-l archive

On Tue, Dec 03, 2013 at 10:06:05PM +0000, Sir Pogsalot wrote:
> Well, when I was talking about this in #lua on Freenode I imagined a
> scenario where someone would break out of a sandbox to get at
> debug.setmetatable() and then cause a segfault.  I was just trying to get
> across the point that I'd rather have someone get at os.exit() than cause a
> segfault -- as you may have atexit() or on_exit() handlers or some other
> form of cleanup you want to happen.  A segfault kind of prevents that..

Stop there.

If an attacker in your sandbox can get at debug.setmetatable() then
there are a billion ways you have already lost.

And a segfault leaves you a debugging trail that lets you see what
happened that os.exit() does not.

B.