We run the Lua plugin, but we are only running Lua written by employees. There are Linux kernel updates that can be deployed to fix the problem. Cloud providers and servers running multiple VMs would be systems that are more vulnerable to this attack. The downside in fixing the problem is a likely increase in CPU usage.
-Bryan > On Jan 8, 2018, at 12:20 PM, Chou, Peter <[email protected]> wrote: > > Hi, > > We see that there are compiler changes on the way for mitigating the > Meltdown/Spectre issues. Is there any recommendation on whether ATS should be > re-compiled, or is ATS alright assuming the built-in Lua JIT is only used for > local, trusted Lua code? > > Thanks, > Peter
