Nmap Development mailing list archives
Re: Ncat's Lua socket abstraction - API protection, error behavior?
From: David Fifield <david () bamsoftware com>
Date: Tue, 3 Sep 2013 17:56:20 -0700
On Sun, Sep 01, 2013 at 05:39:55PM -0400, Patrick Donnelly wrote:
On Thu, Aug 29, 2013 at 12:05 PM, Jacek Wielemborek <wielemborekj1 () gmail com> wrote: As I told you on IRC, scripting environments often take a hands-off approach: "if you break it, you get to keep both pieces".
I generally agree with this idea. As long as scripts can't make Ncat crash in an unsafe way, or corrupt memory, we should let buggy scripts fail. So, for example, if you were exposing Nsock event IDs in a table that scripts can modify, that would be bad, because Nsock doesn't expect you to just invent new event IDs and pass them to it. But if the script gets a copy of such a table that doesn't change Ncat's internal structures when modified, go ahead and let the script stomp all over it. David Fifield _______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Ncat's Lua socket abstraction - API protection, error behavior? Jacek Wielemborek (Aug 29)
- Re: Ncat's Lua socket abstraction - API protection, error behavior? Daniel Miller (Aug 29)
- Re: Ncat's Lua socket abstraction - API protection, error behavior? Jacek Wielemborek (Sep 01)
- Re: Ncat's Lua socket abstraction - API protection, error behavior? Patrick Donnelly (Sep 01)
- Re: Ncat's Lua socket abstraction - API protection, error behavior? David Fifield (Sep 03)
- Re: Ncat's Lua socket abstraction - API protection, error behavior? Daniel Miller (Aug 29)