Re: Reloadable Lua "Modules"
[
Date Prev][
Date Next][
Thread Prev][
Thread Next]
[
Date Index]
[
Thread Index]
- Subject: Re: Reloadable Lua "Modules"
- From: Rici Lake <lua@...>
- Date: 2007年2月13日 14:40:55 -0500
On 13-Feb-07, at 1:23 PM, Jerome Vuarand wrote:
On the other hand you have all people just wanting a basic script
system. Basic programming, web design, level design, scripting of an
already exising application engine. All these people have few
requirement on the language and just perform simple API calls. They may
use full fledge Lua in their scripts, but don't mind having a more
basic
(and easily securable) interface with the rest of the world.
That's a supposition, though.
Suppose our basic (or Basic :) ) programmer Joe Powerless finds an
interesting Lua module somewhere, and wants to use it. Or perhaps he
reads up a little Programming in Lua, and suddenly see how useful a
coroutine could be, Or maybe just sees an example on the Wiki where
I've written ("%2i => %s"):format(i, v)
Those might not be "requirements", but it seems a pity to tell say to
Joe that he's not a sufficiently Powerful programmer to use interesting
Lua constructs. After all, they're not that complicated, and many
people are actually able to make the jump to functional programming. :)
Rings is a great solution for running untrusted independent scripts,
such as in a webserver, but it's rather less help for inserting little
scripts into embedded environments (say, as an internal scripting
language for a database), particularly embedded environments themselves
partially written in Lua where interchanging objects with plug-ins is
more important, and the cost of serialization is prohibitive.
I'd prefer to think of the issues I presented in the previous message
as things which still require some thought in the design of Lua, rather
than as a demonstration that advanced features are hard to secure. They
are, perhaps, harder to secure, but it shouldn't be beyond the
ingenuity of the Lua community to figure out how to do it. After all,
Lua is much closer to being a secure environment than any other popular
scripting language I know; it would be nice to nail down the few
remaining loose ends.