Re: lua bytecode and sandbox evasion ?

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]

• Subject: Re: lua bytecode and sandbox evasion ?
• From: Roberto Ierusalimschy <roberto@...>
• Date: 2016年9月14日 11:09:41 -0300

---

> Yes, it is known, and credible. Defence is to not load untrusted bytecode,
> or to build your sandboxes at the OS level rather than the Lua level.
Note that Lua 5.2 introduced the parameter 'mode' in 'load' and
'loadfile', which allows us to prevent the execution of bytecodes.
-- Roberto

---

• References:
  • lua bytecode and sandbox evasion ?, tst2005
  • Re: lua bytecode and sandbox evasion ?, Peter Cawley

• Prev by Date: Re: many beautiful things
• Next by Date: Re: Programming in Lua, fourth edition
• Previous by thread: Re: lua bytecode and sandbox evasion ?
• Next by thread: Re: Programming in Lua, fourth edition
• Index(es):
  • Date
  • Thread