lua-users home
lua-l archive

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]


On Mon, Jun 24, 2019 at 9:13 PM Egor Skriptunoff <egor.skriptunoff@gmail.com> wrote:

> What trouble you are talking about?

The trouble is the pervasive use of the unsafe paradigm in extant library code and the obscurity of the subject.

> A metatable of a host object must not be accessible to untrusted guest code inside a sandbox.
> (independently of whether __gc field exists in the metatable or not)

I actually disagree with this as stated.

Regardless, PiL4 says this: "Such behavior is unacceptable for any Lua library. No matter how we use a library, it should neither corrupt C data nor cause the Lua system to crash" (p. 268). This statement is  absolute without restrictions such as "untrusted guest code inside a sandbox". The examples I gave earlier all corrupt C data. So this issue has nothing to do with sandboxing and much to do with writing a C library properly, and the means available for that purpose.

Cheers,
V.