On Wed, Oct 06, 2010 at 07:14:48PM -0400, Matthew Mondor wrote: > On Wed, 6 Oct 2010 16:12:28 -0500 > Javier Guerra Giraldez <[email protected]> wrote: > > > just curious, why was that needed? is floating point forbidden by > > code conventions? > > As for possible problems like stack usage, I guess that if it's running > under an LWP context it probably is less restricted, but I agree that > preventing interpretation of non-trusted scripts would be better than > trying to cripple the Lua runtime as much as possible. Considering > that the cryptographic code export is now less restrictive than it used > to be, possibly that signature checking would also be nice to have, > other than only limiting access to the superuser.
A signature only tells you whose neck to wring when the script misbehaves. :-) Since a Lua script running in the kernel won't be able to forge a pointer (right?), or conjure references to methods or data that weren't in its environment at the outset, you can run it in a highly restricted environment so that many kinds of misbehavior are difficult or impossible. Or I would *think* you can restrict the environment in that way; I wonder what Lourival thinks about that. Dave -- David Young OJC Technologies [email protected] Urbana, IL * (217) 278-3933
