Re: [Monotone-devel] Re: Question for Tim - testsuite.lua giant list

[Zack Weinberg]

On 7/4/06, Bruce Stephens <address@hidden> wrote:
> "Zack Weinberg" <address@hidden> writes:
> > (Note I can see this being useful
> > for hooks too - it has other useful things like stat, chmod, mkdir -
> > which is why I suggest grabbing the whole thing rather than just the
> > readdir implementation.)
>
> In the past there's been concern about allowing lua commands that have
> too much ability to cause damage, presumably on the grounds that
> people might grab hooks without looking carefully at them.

Given that hooks already have access to os.remove and os.execute (==
system()) I don't think adding filesystem primitives increases
people's exposure to dangerous hooks, although I suppose an argument
could be made for its being harder to grep for dangerous operations.

I'd argue that it would be better to restrict hooks based on paths
rather than operations (e.g. "no access to files outside the workspace
and the temp directory") but I recognize that that is substantially
harder.

> I'm not sure whether that still applies or not; and perhaps there's a
> clean way to enable them in the test suite without having them
> available in hooks.

The test suite involves an entirely separate Lua interpreter binary,
so it would be easy to provide the fs extension there and not in
hooks.

--

I notice now that the embedded copy of Lua appears to be major version
4, whereas Steve's code expects major version 5.  I'm tempted to just
dive in and update our copy - it sounds like there are a lot of other
nice things about it, looking at lua.org - but that might be a bigger
project than I realize, and perhaps Nathaniel thinks there are better
uses of my time...

zw