diff options
| author | sfan5 <sfan5@live.de> | 2021-12-17 18:35:30 +0100 |
|---|---|---|
| committer | sfan5 <sfan5@live.de> | 2021-12-18 20:37:13 +0100 |
| commit | f4054595482bf4573075f45d3ca56076a0d6113e (patch) | |
| tree | 6c6037a5f69059e47d134d1b8287d0d7bce404f9 | |
| parent | 8c99f2232bdb52459ccf2a5b751cbe3f7797abc3 (diff) | |
| download | minetest-f4054595482bf4573075f45d3ca56076a0d6113e.tar.gz minetest-f4054595482bf4573075f45d3ca56076a0d6113e.tar.bz2 minetest-f4054595482bf4573075f45d3ca56076a0d6113e.zip | |
Remove setlocal and setupvalue from `debug` table whitelist
It's likely that these could be used trick mods into revealing the insecure
environment even if they do everything right (which is already hard enough).
| -rw-r--r-- | src/script/cpp_api/s_security.cpp | 2 |
1 files changed, 0 insertions, 2 deletions
diff --git a/src/script/cpp_api/s_security.cpp b/src/script/cpp_api/s_security.cpp index 5faf8cc80..11c277839 100644 --- a/src/script/cpp_api/s_security.cpp +++ b/src/script/cpp_api/s_security.cpp @@ -129,12 +129,10 @@ void ScriptApiSecurity::initializeSecurity() "traceback", "getinfo", "getmetatable", - "setupvalue", "setmetatable", "upvalueid", "sethook", "debug", - "setlocal", }; static const char *package_whitelist[] = { "config", |