Follow-up Comment #1, bug #15725 (project freeciv):

Here is a plan:

No unsafe functions (should be done)

No NULL pointers and no wild pointers (in progress):
1. We check arguments everywhere. Script functions should try to assure success or raise a script error.
2. Debug module hidden to disallow access to stuff that we hide (below)

No NULL pointers and no wild pointers (planned):
3. Limit access to the 'tolua' module (tolua.cast etc.)
4. Remove access to all the API types' metatables (the table ".get" contains unprotected C function calls to look up object fields (.id, .name, .owner etc.)). Remove access to ".set" (all fields should be read-only; objects will be mutable by adding methods/setters instead).

Are these goals too ambitious? In particular, item 1 is much more ambitious than it sounds like. (Depending on the API function, of course.)

Reply to this item at: <http://gna.org/bugs/?15725>
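
A plain-Lua sketch of items 1 to 4 of the plan above, added here as an example; it is not part of the original comment and not freeciv's code. The names new_unit, sandbox_env and run_sandboxed and the sample unit are assumptions, and a table proxy stands in for the tolua userdata objects, which is why rawget/rawset are also withheld from scripts.

```lua
-- Added illustration, not freeciv code. new_unit, sandbox_env and
-- run_sandboxed are hypothetical names; the unit data is constructed.
-- Read-only object: fields live in a closure, never in the proxy itself.
local function new_unit(fields)
  return setmetatable({}, {
    __index = function(_, key)
      local value = fields[key]
      if value == nil then  -- bad argument: raise a script error, never crash
        error("unknown field '" .. tostring(key) .. "'", 2)
      end
      return value
    end,
    __newindex = function(_, key)
      error("field '" .. tostring(key) .. "' is read-only", 2)
    end,
    __metatable = "locked",  -- getmetatable() sees this; setmetatable() fails
  })
end

-- Whitelist environment: no debug, tolua, getmetatable, rawget or rawset.
local function sandbox_env(api)
  local env = { assert = assert, error = error, ipairs = ipairs, pairs = pairs,
                pcall = pcall, tonumber = tonumber, tostring = tostring, type = type }
  for name, value in pairs(api) do env[name] = value end
  return env
end

-- Compile a script and run it with env as its only globals.
local function run_sandboxed(source, env)
  local chunk, err
  if setfenv then  -- Lua 5.1 / LuaJIT
    chunk, err = loadstring(source, "script")
    if chunk then setfenv(chunk, env) end
  else             -- Lua 5.2 and later
    chunk, err = load(source, "script", "t", env)
  end
  if not chunk then return false, err end
  return pcall(chunk)
end

local unit = new_unit({ id = 101, name = "Settlers", owner = "player1" })
local env = sandbox_env({ unit = unit })
assert(select(2, run_sandboxed("return unit.name", env)) == "Settlers")
assert(not run_sandboxed("unit.owner = 'player2'", env))
assert(not run_sandboxed("return unit.no_such_field", env))
assert(not run_sandboxed("return debug.getmetatable(unit)", env))
assert(not run_sandboxed("return tolua.cast(unit, 'City')", env))
assert(getmetatable(unit) == "locked")
assert(not pcall(setmetatable, unit, {}))
```

The __metatable entry is defence in depth: scripts in this sketch never receive getmetatable, but if it were exposed later they would still get only the string "locked".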