From e51564d1bee5aa8b411328d7d3d75906dfc0a260 Mon Sep 17 00:00:00 2001
From: Roberto Ierusalimschy <roberto@inf.puc-rio.br>
Date: Wed, 16 Sep 2020 14:57:51 -0300
Subject: Details in comments and documentation

---
 manual/manual.of | 10 ++++++++++
 1 file changed, 10 insertions(+)

(limited to 'manual')

diff --git a/manual/manual.of b/manual/manual.of
index c37f3061..ff891399 100644
--- a/manual/manual.of
+++ b/manual/manual.of
@@ -6813,6 +6813,16 @@ As such, it is only available on some platforms
 (Windows, Linux, Mac OS X, Solaris, BSD,
 plus other Unix systems that support the @id{dlfcn} standard).
 
+This function is inherently insecure,
+as it allows Lua to call any function in any readable dynamic
+library in the system.
+(Lua calls any function assuming the function
+has a proper prototype and respects a proper protocol
+@see{lua_CFunction}.
+Therefore,
+calling an arbitrary function in an arbitrary dynamic library
+more often than not results in an access violation.)
+
 }
 
 @LibEntry{package.path|
-- 
cgit v1.2.3-55-g6feb