[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: [patch] safety of Lua byte code
> Nobody would seriously claim, I think, that one can algorithmically
> determine whether a given fragment of Lua *source* code is malicious.
It is impossible, because the _very same code_ may be fairly called
malicious when presented for execution by an attacker but not when
presented for execution by a suitably authorized person. Therefore,
information beyond the code itself is necessary to determine malice.
Note, too, that there is nothing Lua-specific in the above argument.
/~\ The ASCII Mouse
\ / Ribbon Campaign
X Against HTML mouse%rodents-montreal.org@localhost
/ \ Email! 7D C8 61 52 5D E7 2D 39 4E F1 31 3E E8 B3 27 4B
Main Index |
Thread Index |