lua-users home
lua-l archive

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]

SM> I'd vote against it

This is not a problem at all! In Lua you may create security environment.
For example, in our project we use 'require' function to implement dynamic

require "base"
require "io"
require "tk"

entry = tk.entry{}
f = io.openfile("name.txt")
an so on...

But, in any time we can do:

local r = require
require = nil
require = r

What's all. Nothing to worry about.

SM> This is the approach I've taken with Scriptix.  The only other major
SM> feature I'd like to see in a script language (and which may be overkill
SM> for Lua) is a security priv's system.

And this is may be implemented easy:

local r = require

require = function (name)
  if name == "ui" then
    error("security error!")

require = r

So, this is easy to... And you may use tag-methods for implement dynamic
security environments.

This is a great power of lua.

Sorry for bad English... :(