Mail Archives: geda-user/2015/02/05/21:29:12

www.delorie.com/archives/browse.cgi

search

Mail Archives: geda-user/2015/02/05/21:29:12

X-Authentication-Warning: delorie.com: mail set sender to geda-user-bounces using -f

X-Recipient: geda-user AT delorie DOT com

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=gmail.com; s=20120113;

h=mime-version:in-reply-to:references:date:message-id:subject:from:to

:content-type;

bh=8hDT+AYDcWoBz1/HWTvlI74tcnTPWgdNiulDS97S8/E=;

b=cM9XrDxjPGZA3JLEZ2r5ByWxYZvalU745KW+K3WQA1hDzedUrgmS20zFDQt7yoyvIA

AExIZvbGNiX04sjKPBeBgL+TQGFxsNuGmg9Nd38w5eoQ5fPuQ++cJcOpjAOvvURc3yFT

khJkvid/jl+iPiMCQP3D8DbRDcMDXl1hubYx76GVE25U0n2u7XW4BJPwQeCq/PgeXYeO

6vMDDNbD+puwXy9i/q9Uac2RYCB8NLIcvpt8kIb3xJgXFZTB4NLc2ljZZ+zgwMpgr1Q3

9Rzl87KJfiO+glhJPw85tDV36k6n7vFuKD+JFvBx7LehgtnxI62Qeyg5br786g9PIZbx

ApFg==

MIME-Version: 1.0

X-Received: by 10.182.103.232 with SMTP id fz8mr880746obb.59.1423189665592;

Thu, 05 Feb 2015 18:27:45 -0800 (PST)

In-Reply-To: <201502060200.t1620YDd010606@envy.delorie.com>

References: <CAOFvGD7pJTo8A=MXVbuuXO=++0vGukUyqVfckVtnCi99ziqWJQ AT mail DOT gmail DOT com>

<201502060200 DOT t1620YDd010606 AT envy DOT delorie DOT com>

Date: Thu, 5 Feb 2015 21:27:45 -0500

Message-ID: <CAOFvGD6bt5KWiMuTXsGj+=uSwL3XahRYJohJTu-UYrYU22Q=hQ@mail.gmail.com>

Subject: Re: [geda-user] Using Lua to safely read configuration and layout

files (program attached)

From: Jason White <whitewaterssoftwareinfo AT gmail DOT com>

To: geda-user AT delorie DOT com

Reply-To: geda-user AT delorie DOT com

Errors-To: nobody AT delorie DOT com

X-Mailing-List: geda-user AT delorie DOT com

X-Unsubscribes-To: listserv AT delorie DOT com

On Thu, Feb 5, 2015 at 9:00 PM, DJ Delorie <dj AT delorie DOT com> wrote:
>
> This isn't a technical problem, it's a policy problem.  "Executable
> data" is a justified trigger for paranoia, and we should avoid it.

DJ,

The files are just data, their is nothing executable about them. This
is simply using a parser to store numbers and strings on a stack, this
no different that what geda already does except it uses a preexisting
library to accomplish it. The parser is incapable of affecting the
system, all it can do it push numbers and strings onto its stack.

-- 
Jason White

- Raw text -

webmaster	delorie software privacy
Copyright © 2019 by DJ Delorie	Updated Jul 2019

X-Authentication-Warning:	delorie.com: mail set sender to geda-user-bounces using -f
X-Recipient:	geda-user AT delorie DOT com
DKIM-Signature:	v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=gmail.com; s=20120113;
	h=mime-version:in-reply-to:references:date:message-id:subject:from:to
	:content-type;
	bh=8hDT+AYDcWoBz1/HWTvlI74tcnTPWgdNiulDS97S8/E=;
	b=cM9XrDxjPGZA3JLEZ2r5ByWxYZvalU745KW+K3WQA1hDzedUrgmS20zFDQt7yoyvIA
	AExIZvbGNiX04sjKPBeBgL+TQGFxsNuGmg9Nd38w5eoQ5fPuQ++cJcOpjAOvvURc3yFT
	khJkvid/jl+iPiMCQP3D8DbRDcMDXl1hubYx76GVE25U0n2u7XW4BJPwQeCq/PgeXYeO
	6vMDDNbD+puwXy9i/q9Uac2RYCB8NLIcvpt8kIb3xJgXFZTB4NLc2ljZZ+zgwMpgr1Q3
	9Rzl87KJfiO+glhJPw85tDV36k6n7vFuKD+JFvBx7LehgtnxI62Qeyg5br786g9PIZbx
	ApFg==
MIME-Version:	1.0
X-Received:	by 10.182.103.232 with SMTP id fz8mr880746obb.59.1423189665592;
	Thu, 05 Feb 2015 18:27:45 -0800 (PST)
In-Reply-To:	<201502060200.t1620YDd010606@envy.delorie.com>
References:	<CAOFvGD7pJTo8A=MXVbuuXO=++0vGukUyqVfckVtnCi99ziqWJQ AT mail DOT gmail DOT com>
	<201502060200 DOT t1620YDd010606 AT envy DOT delorie DOT com>
Date:	Thu, 5 Feb 2015 21:27:45 -0500
Message-ID:	<CAOFvGD6bt5KWiMuTXsGj+=uSwL3XahRYJohJTu-UYrYU22Q=hQ@mail.gmail.com>
Subject:	Re: [geda-user] Using Lua to safely read configuration and layout
	files (program attached)
From:	Jason White <whitewaterssoftwareinfo AT gmail DOT com>
To:	geda-user AT delorie DOT com
Reply-To:	geda-user AT delorie DOT com
Errors-To:	nobody AT delorie DOT com
X-Mailing-List:	geda-user AT delorie DOT com
X-Unsubscribes-To:	listserv AT delorie DOT com