diff options
Diffstat (limited to 'src')
-rw-r--r-- | src/defaultsettings.cpp | 1 | ||||
-rw-r--r-- | src/script/lua_api/l_util.cpp | 29 | ||||
-rw-r--r-- | src/script/lua_api/l_util.h | 4 |
3 files changed, 33 insertions, 1 deletions
diff --git a/src/defaultsettings.cpp b/src/defaultsettings.cpp index f26b4c8ad..af1aa4140 100644 --- a/src/defaultsettings.cpp +++ b/src/defaultsettings.cpp @@ -273,6 +273,7 @@ void set_default_settings(Settings *settings) settings->setDefault("emergequeue_limit_generate", "32"); settings->setDefault("num_emerge_threads", "1"); settings->setDefault("secure.enable_security", "false"); + settings->setDefault("secure.trusted_mods", ""); // physics stuff settings->setDefault("movement_acceleration_default", "3"); diff --git a/src/script/lua_api/l_util.cpp b/src/script/lua_api/l_util.cpp index e16b6feab..2bcc114e2 100644 --- a/src/script/lua_api/l_util.cpp +++ b/src/script/lua_api/l_util.cpp @@ -32,6 +32,7 @@ with this program; if not, write to the Free Software Foundation, Inc., #include "filesys.h" #include "settings.h" #include "util/auth.h" +#include <algorithm> // debug(...) // Writes a line to dstream @@ -316,7 +317,7 @@ int ModApiUtil::l_compress(lua_State *L) int ModApiUtil::l_decompress(lua_State *L) { size_t size; - const char * data = luaL_checklstring(L, 1, &size); + const char *data = luaL_checklstring(L, 1, &size); std::istringstream is(std::string(data, size)); std::ostringstream os; @@ -339,6 +340,30 @@ int ModApiUtil::l_mkdir(lua_State *L) } +int ModApiUtil::l_request_insecure_environment(lua_State *L) +{ + NO_MAP_LOCK_REQUIRED; + if (!ScriptApiSecurity::isSecure(L)) { + lua_getglobal(L, "_G"); + return 1; + } + lua_getfield(L, LUA_REGISTRYINDEX, SCRIPT_MOD_NAME_FIELD); + if (!lua_isstring(L, -1)) { + lua_pushnil(L); + return 1; + } + const char *mod_name = lua_tostring(L, -1); + std::string trusted_mods = g_settings->get("secure.trusted_mods"); + std::vector<std::string> mod_list = str_split(trusted_mods, ','); + if (std::find(mod_list.begin(), mod_list.end(), mod_name) == mod_list.end()) { + lua_pushnil(L); + return 1; + } + lua_getfield(L, LUA_REGISTRYINDEX, "globals_backup"); + return 1; +} + + void ModApiUtil::Initialize(lua_State *L, int top) { API_FCT(debug); @@ -366,6 +391,8 @@ void ModApiUtil::Initialize(lua_State *L, int top) API_FCT(decompress); API_FCT(mkdir); + + API_FCT(request_insecure_environment); } void ModApiUtil::InitializeAsync(AsyncEngine& engine) diff --git a/src/script/lua_api/l_util.h b/src/script/lua_api/l_util.h index bf7cd71d3..336173664 100644 --- a/src/script/lua_api/l_util.h +++ b/src/script/lua_api/l_util.h @@ -90,6 +90,9 @@ private: // mkdir(path) static int l_mkdir(lua_State *L); + // request_insecure_environment() + static int l_request_insecure_environment(lua_State *L); + public: static void Initialize(lua_State *L, int top); @@ -98,3 +101,4 @@ public: }; #endif /* L_UTIL_H_ */ + |