Comment by gilgamesh3
18 hours ago
Cool project, congrats.
I am trying to understand why would anyone prefer to use Lua to create script instead of Elixir, which supports running scripts. While Lua has lots of users the language just have too many wrong design choices. If I had the choice between Elixir and Lua for scripts I would use Elixir every time.
Elixir is not a sandboxed language, so you can't just accept arbitrary Elixir programs from users and execute them inside of your application without security concerns. Lua, on the other hand, can be executed in a sandboxed fashion, limiting and constraining the reach of user programs.
Check out Anthony Accomazzo's post about Mini-Elixir, which does a great job breaking this down much further https://blog.sequinstream.com/why-we-built-mini-elixir/
I would also personally prefer Elixir to Lua, but this would be great for allowing isolated/sandboxed BEAM processes to execute Lua code from your end users whom are likely unfamiliar with Elixir. As mentioned in the article, this is precisely what TV Labs uses it for to allow smart tv app developers to write and run tests for their apps.
https://docs.tvlabs.ai/scripting/introduction/getting-starte...
Lua can help if you're handing this over to someone else not just devs who know Elixir.
Also, as the sibling post mentioned, in this case Lua is completely interpreted in an Erlang process. That allows a good amount of sandboxing, they have isolated heaps already and you can control memory limits and other resource usages, and all that in a relatively tiny footprint of a few KBs.
This is more for your apps users. Like lets say you have a CRM saas written in Elixir. Then you can allow your users to script things in your app with Lua. If you allow them to use Elixir running in your app you might allow someone to hack your app.