X-Authentication-Warning: delorie.com: mail set sender to geda-user-bounces using -f
X-Recipient: geda-user AT delorie DOT com
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20120113;
        h=mime-version:in-reply-to:references:date:message-id:subject:from:to
         :content-type;
        bh=/b36OynTIfdGCDtxzK8nNDz9FfKTBz/fKucqMYDfnoY=;
        b=HCctCCyD9fYS2CI3JqehoerufA0hJSLQ2LGWSvzbb3cEFilCcC6bdTl7b2IIYs+t6c
         7U7hG/oZCoIqVDvk7LETinKn364OaCxC0+inAWX8WsS1t7pBE6G1gtGjIo/RpHpLIvwi
         Z+t4VC7VTrLXCgxIEke0A0gOCjgzSvNF9Ebz0AMHv2ZZF5+mR7SSUsPTSGG+K8fZoUB3
         SIbqaTMUtALFfE7GkdtEqA2bwMmiLfW4P5hv1G1+vYuEZDjbC5USX8BUpcqPX7bC6ZW0
         oHkDfBYTTC0kwuvmrVnIagPf6EezXl+kIImoQz3eDiDPVSqbY7RFEA1CrB/YSGU6q7qs
         pH0A==
MIME-Version: 1.0
X-Received: by 10.60.124.17 with SMTP id me17mr3247084oeb.64.1423326014075;
 Sat, 07 Feb 2015 08:20:14 -0800 (PST)
In-Reply-To: <1423323918.1592.10.camel@cam.ac.uk>
References: <1420499386 DOT 3521 DOT 3 DOT camel AT cam DOT ac DOT uk>
	<20150202152654 DOT GA13336 AT cuci DOT nl>
	<54CFD589 DOT 9040702 AT xs4all DOT nl>
	<CAHBYzfRkn-nJb4JfrDYyaD0WwPrpZvAgi0QdHCusgz185iNoHA AT mail DOT gmail DOT com>
	<CAGde_xN-iNZUvHh-E47kx1EyoPRt1018wWiDwHhYQ9+od+cJwA AT mail DOT gmail DOT com>
	<20150203112631 DOT 3507a0c1 AT Parasomnia DOT thuis DOT lan>
	<20150204054256 DOT Horde DOT Pm1JV8RJbICk9SHvIGwZ7A3 AT webmail DOT in-berlin DOT de>
	<CAOP4iL2stWVCy3WK0=SNu2zAbs8t6B0uyAgFuOnzG8v_MrYNfw AT mail DOT gmail DOT com>
	<CAGde_xN5gs5r_on=HP2RN7cy6E=2EL9eK3cp+sd9BfBaWNLVew AT mail DOT gmail DOT com>
	<20150204193720 DOT Horde DOT 42xUN-NzhCJRWZne-M5eCQ1 AT webmail DOT in-berlin DOT de>
	<90236728-E79D-47C7-BFB1-34140DB85ACB AT sbcglobal DOT net>
	<CAOFvGD4M48Ap=UQzL_T3yzas2rJrNFfxXRUOkOe8gA8J3bQCHg AT mail DOT gmail DOT com>
	<1423323918 DOT 1592 DOT 10 DOT camel AT cam DOT ac DOT uk>
Date: Sat, 7 Feb 2015 11:20:13 -0500
Message-ID: <CAOFvGD6rwqf79obnSRQ4gyM0h8_5PQ-C0G2guRp8YU80oOAkig@mail.gmail.com>
Subject: Re: [geda-user] FOSDEM
From: Jason White <whitewaterssoftwareinfo AT gmail DOT com>
To: geda-user AT delorie DOT com
Content-Type: text/plain; charset=UTF-8
Reply-To: geda-user AT delorie DOT com
Errors-To: nobody AT delorie DOT com
X-Mailing-List: geda-user AT delorie DOT com
X-Unsubscribes-To: listserv AT delorie DOT com
Precedence: bulk

On Sat, Feb 7, 2015 at 10:45 AM, Peter Clifton <pcjc2 AT cam DOT ac DOT uk> wrote:
> On Wed, 2015-02-04 at 17:47 -0500, Jason White wrote:
>> Because of that, I recommend Lua (lua.org).
>
> Hah... you beat me to that.. I should read the full thread before
> replying!
>
>> Honestly, I wonder why we don't use something like Lua (or Python) for
>> our PCB and schematic file formats. Instead of having to write custom
>> text interpreters with yaml (or by even hand!) would could simply read
>> elements from an array defined in a Lua file.
>
> Because executable data is a BAD idea; PERIOD.
>
> This is both from a security point of view, and from the fact it can
> then only be executed to evaluate what it does. Executable config files
> are also evil (imo).

Peter,

In the Lua virtual machine I added a protected mode for reading "data"
files where I disabled all instructions not related to pushing
constants to the stack.

What does this mean? In this mode, a Lua file is not an executable
script; there are no functions, no function calls, no if statements or
for loops. The only thing that is allowed is the definition of
variables which are easily read out by a program. (Look at the example
program I linked to, it implements all this)

-- 
Jason White