[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: proplib and the jet age
Am 05.01.2013 um 01:30 schrieb David Holland
> On Fri, Jan 04, 2013 at 11:42:33PM +0000, Christos Zoulas wrote:
>>>> I somewhat recently migrated one of my own projects to use lua
>>>> scripts as configuration files rather than a custom "key=value"-pair
>>>> type configuration.
>>> Obviously you do what you need to do (for whatever reasons)... but do
>>> keep in mind that in general, using Turing-complete languages for
>>> configuration is a bad thing.
>> If the sandbox excludes all function calls, it is ok, no?
> Depending on what you mean by "ok".
> It may be "safe" in the sense that bundles that allege to be
> configuration cannot execute rm -rf /, and even "safe" in the sense
> that they can't begin executing an infinite loop.
This can be done. Executing arbitraty unix commands is not possible by default
and there are at least two different ways to prevent endless loops.
> It is not "safe" in the sense that the space of possible
> configurations is kept to the minimum necessary; it is also not "safe"
> in the sense that the correspondence between configuration text and
> resulting program behavior is kept comprehensible.
The first point does not really matter, the second point is true. "Looking at
the configuration" means executing a program. But then, it's usually very
readable and the flexibility that is gained by far outweighs the disadvantages,
> It is these latter properties that are important in the long run
Main Index |
Thread Index |