lua-users home
lua-l archive

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]

On Wed, Mar 11, 2009 at 11:56 AM, Mike Panetta <> wrote:
> If management is so worried about someone decompiling your application
> binary to access the Lua code, why are they not worried aboyt someone doing
> the same to the C code?  If someone can decompile your code at all (which
> they can, there is almost no way to stop someone from doing that) then there
> is no point in worrying about Lua specificly, even your IP written in C is
> at risk.

exactly my thoughts.  Lua only adds entry points if the Lua code is
from an untrusted source.  if your Lua code is linked into your
executable, a cracker would have to break that open first.

if you want a little more security, restrict the Lua environment as
much as possible, and put some checksums in the code to alert
modifications before executing.