lua-users home
lua-l archive

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]

It was thus said that the Great Viacheslav Usov once stated:
> On Sat, Sep 24, 2022 at 2:51 AM Sean Conner <> wrote:
> >   So I suppose you have something like:
> >
> >         do
> >           local lua_require = require
> >           local function new_require(modname)
> >             if allowed_module(modname) then
> >               return lua_require(modname)
> >             else
> >               error(string.format("module %s not allowed\n",modname))
> >             end
> >           end
> >           require = new_require
> >         end
> Not really, as I explained in another message, but I can have that, too.

  Odd.  Your original message said:

> I have also replaced the global 'require' with my own function, which
> currently just calls (eventually) into the original require.

  So the code above seems to do just that---overrides the default require()
function, checks to see if a module is allowed, and then calls the default
require() function (I was trying to get a feel for how you might have done

> Just to make sure I understand your idea, I will rephrase it:
> The normal environment has 'require' that applies policy A.
> If it decides that the require request for X should be satisfied, it
> loads X with a modified environment, whose 'require' will apply policy
> B.
> Correct?

  Basically.  What I was trying to do was to have an allowed environment to
always call the original require(), bypassing your modified require().  I
was doing this so that an allowed module like:

	local foo = require "foo"
	return function()
	  local bar = require "bar"

would still work.  Finding _ENV might not be easy though (as pointed out by

> It seems that I should also separate 'package.loaded', otherwise Y
> (loaded by X) may become loadable by the main script (see my other
> email to Egor that describes the main/X/Y example setup).

  You mean by main peeking directly into package.loaded[]?