Re: [ANN] Lunatik -- NetBSD kernel scripting with Lua (GSoC project

[Lourival Vieira Neto <lourival.neto%gmail.com@localhost>]

On Tue, Oct 12, 2010 at 12:32 AM, David Holland
<dholland-tech%netbsd.org@localhost> wrote:
> On Sat, Oct 09, 2010 at 07:34:43PM -0300, Lourival Vieira Neto wrote:
>  > > A signature only tells you whose neck to wring when the script
>  > > misbehaves. :-) Since a Lua script running in the kernel won't be
>  > > able to forge a pointer (right?), or conjure references to methods or
>  > > data that weren't in its environment at the outset, you can run it
>  > > in a highly restricted environment so that many kinds of misbehavior
>  > > are difficult or impossible.  Or I would *think* you can restrict the
>  > > environment in that way; I wonder what Lourival thinks about that.
>  >
>  > I wouldn't say better =). That's exactly how I'm thinking about
>  > address this issue: restricting access to each Lua environment. For
>  > example, a script running in packet filtering should have access to a
>  > different set of kernel functions than a script running in process
>  > scheduling.
>
> ...so what do you do if the script calls a bunch of kernel functions
> and then crashes?

if a script crashes, it raises an exception that can be caught by the
kernel (as an error code)..

--
Lourival Vieira Neto