From: Mons Anderson <v.perepelitsa@corp.mail.ru>
To: Cyrill Gorcunov <gorcunov@gmail.com>
Cc: tarantool-patches@dev.tarantool.org
Subject: Re: [Tarantool-patches] [RFC 3/4] cfg: prepare symbolic evaluation of replication_synchro_quorum
Date: Thu, 26 Nov 2020 19:01:33 +0300 [thread overview]
Message-ID: <d3f55cb2-4390-e120-bd70-5697a5d277ce@corp.mail.ru> (raw)
In-Reply-To: <20201126144422.GC1231860@grain>
Some feedback on behalf of Vlad Grubov:
Quote:
Good idea, but it is not secure to export whole math to the
configuration. User must not have access to math table itself because it
can modify it's function which will take effect through entire
application. Moreover user must not have access to math.randomseed
for security reasons. User is allowed to have access to ceil, floor,
min, max, fmod, random, abs, sqrt.
So, I'd chande setfenv with:
setfenv(f, { N = %d, math = { ceil = math.ceil, floor = math.floor, abs
= math.abs,
random = math.random, min = math.min, max = math.abs,
sqrt = math.sqrt, fmod = math.fmod } })
On 26.11.2020 17:44, Cyrill Gorcunov wrote:
> On Thu, Nov 26, 2020 at 05:38:32PM +0300, Mons Anderson wrote:
>> For the formula evaluation I'd propose the following snippet:
>>
>> local expr = [[%s]]
>> local f, err = loadstring('return ('..expr..')')
>> if not f then error(string.format('Failed to load %%s: %%s',expr, err)) end
>> setfenv(f, { N = %d, math = math })
>> return math.floor( f() )
> Will do. And will address the rest of comments. Thanks
> for feedback!
next prev parent reply other threads:[~2020-11-26 16:01 UTC|newest]
Thread overview: 21+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-11-19 19:40 [Tarantool-patches] [RFC 0/4] qsync: evaluate replication_synchro_quorum dynamically Cyrill Gorcunov
2020-11-19 19:40 ` [Tarantool-patches] [RFC 1/4] cfg: add cfg_isnumber helper Cyrill Gorcunov
2020-11-20 9:53 ` Serge Petrenko
2020-11-19 19:40 ` [Tarantool-patches] [RFC 2/4] qsync: move synchro quorum update to separate routine Cyrill Gorcunov
2020-11-20 10:06 ` Serge Petrenko
2020-11-20 11:01 ` Cyrill Gorcunov
2020-11-20 11:39 ` Serge Petrenko
2020-11-20 11:47 ` Cyrill Gorcunov
2020-11-19 19:40 ` [Tarantool-patches] [RFC 3/4] cfg: prepare symbolic evaluation of replication_synchro_quorum Cyrill Gorcunov
2020-11-20 10:32 ` Serge Petrenko
2020-11-20 11:34 ` Cyrill Gorcunov
2020-11-20 11:56 ` Serge Petrenko
2020-11-20 12:14 ` Cyrill Gorcunov
2020-11-26 14:38 ` Mons Anderson
2020-11-26 14:44 ` Cyrill Gorcunov
2020-11-26 16:01 ` Mons Anderson [this message]
2020-11-19 19:41 ` [Tarantool-patches] [RFC 4/4] qsync: allow to specify replication_synchro_quorum as a formula Cyrill Gorcunov
2020-11-20 10:50 ` Serge Petrenko
2020-11-20 12:01 ` Cyrill Gorcunov
2020-11-20 12:41 ` Serge Petrenko
2020-11-20 15:00 ` Cyrill Gorcunov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=d3f55cb2-4390-e120-bd70-5697a5d277ce@corp.mail.ru \
--to=v.perepelitsa@corp.mail.ru \
--cc=gorcunov@gmail.com \
--cc=tarantool-patches@dev.tarantool.org \
--subject='Re: [Tarantool-patches] [RFC 3/4] cfg: prepare symbolic evaluation of replication_synchro_quorum' \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox