On Tue, Nov 27, 2018, at 10:29, Soni L. wrote:
I am concerned about an attacker setting a __gc metamethod that loops forever and can't be broken.
So this is more about debug hooks not running during `__gc` then?
This is a very real problem that has existed for a very long time [1].
I don't know another solution than not allowing untrusted users to set `__gc`.
All sandboxes I know about (including those implemented in C) that do and
don't do something very violent like spawning a thread and killing it after some
time when unresponsive are somehow vulnerable to this.
--
Pierre Chapuis