[Date Prev][Date Next][Thread Prev][Thread Next]
- Subject: Re: Is Lua stable? (Was: Strange Operators (Was: Why I leave Lua (Was: Re: [ANN] Lua 5.3.0 (work3) now available)))
- From: William Ahern <william@...>
- Date: Fri, 11 Jul 2014 21:53:58 -0700
On Thu, Jul 10, 2014 at 10:56:46PM -0400, Jay Carlson wrote:
> On Jul 10, 2014 10:10 PM, "Steven Degutis" <email@example.com> wrote:
> > I understand where you're coming from in wanting
> > more flexibility in the API and in Lua itself. I especially understand
> > it having written a few ObjC bridges myself, being no stranger to
> > NSInvocation and family.
> > I'm also quite disillusioned about such bridges in the first place,
> > having come to the same conclusion that Apple apparently has (as
> > they've deprecated all bridges and made NSInvocation inaccessible via
> > Swift), namely that bridges between even mildly disparate programming
> > languages are inherently broken and should be avoided except in the
> > rarest of prototypical cases.
> Do you think discouraging NSInvocation is to make static analysis easier?
> If so, would this have an impact on the App Store control process?
I would guess that NSInvocation generates code at run-time, and does so in a
way that makes it too easy for attack code to leverage. In other words, it's
a gigantic hole in the W^X memory protection scheme.
Java, LuaJIT, and similar environments also generate code at run-time, but
they don't do so in a way that can be easily manipulated by code running
inside the interpreters.