lua-users home
lua-l archive

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]

On 13/09/16 09:04 PM, Peter Cawley wrote:
Yes, it is known, and credible. Defence is to not load untrusted bytecode, or to build your sandboxes at the OS level rather than the Lua level. is another link you might be interested in.

On Wednesday, 14 September 2016, tst2005 < <>> wrote:


    I would like to know if the bug/vulnerability is already known ?
    Is there a CVE number ?
    I'm still trying to reproduce, but it seems credible.


Sign/encrypt your bytecode.

Disclaimer: these emails may be made public at any given time, with or without reason. If you don't agree with this, DO NOT REPLY.