aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorrubenwardy <rw@rubenwardy.com>2020-10-06 12:10:37 +0100
committerGitHub <noreply@github.com>2020-10-06 12:10:37 +0100
commite80fc22dd996e5b0efd8c4f67700c0920e323e46 (patch)
tree427232e6c7bcdf00d241f88c064314fbb6a7c435
parentf46509d5e2c681b6da2abdeb27779be3c36a6916 (diff)
downloadminetest-e80fc22dd996e5b0efd8c4f67700c0920e323e46.tar.gz
minetest-e80fc22dd996e5b0efd8c4f67700c0920e323e46.tar.bz2
minetest-e80fc22dd996e5b0efd8c4f67700c0920e323e46.zip
Prevent games from setting secure settings (#10460)
-rw-r--r--src/content/subgames.cpp8
-rw-r--r--src/content/subgames.h3
-rw-r--r--src/settings.cpp13
-rw-r--r--src/settings.h2
4 files changed, 23 insertions, 3 deletions
diff --git a/src/content/subgames.cpp b/src/content/subgames.cpp
index 695ba431f..c6350f2dd 100644
--- a/src/content/subgames.cpp
+++ b/src/content/subgames.cpp
@@ -34,12 +34,17 @@ with this program; if not, write to the Free Software Foundation, Inc.,
// The maximum number of identical world names allowed
#define MAX_WORLD_NAMES 100
+namespace
+{
+
bool getGameMinetestConfig(const std::string &game_path, Settings &conf)
{
std::string conf_path = game_path + DIR_DELIM + "minetest.conf";
return conf.readConfigFile(conf_path.c_str());
}
+}
+
struct GameFindPath
{
std::string path;
@@ -330,8 +335,11 @@ void loadGameConfAndInitWorld(const std::string &path, const std::string &name,
// files that were loaded before.
g_settings->clearDefaults();
set_default_settings(g_settings);
+
Settings game_defaults;
getGameMinetestConfig(gamespec.path, game_defaults);
+ game_defaults.removeSecureSettings();
+
g_settings->overrideDefaults(&game_defaults);
infostream << "Initializing world at " << final_path << std::endl;
diff --git a/src/content/subgames.h b/src/content/subgames.h
index 35b619aaf..60392639b 100644
--- a/src/content/subgames.h
+++ b/src/content/subgames.h
@@ -53,9 +53,6 @@ struct SubgameSpec
bool isValid() const { return (!id.empty() && !path.empty()); }
};
-// minetest.conf
-bool getGameMinetestConfig(const std::string &game_path, Settings &conf);
-
SubgameSpec findSubgame(const std::string &id);
SubgameSpec findWorldSubgame(const std::string &world_path);
diff --git a/src/settings.cpp b/src/settings.cpp
index 56ab9e12b..f30ef34e9 100644
--- a/src/settings.cpp
+++ b/src/settings.cpp
@@ -1039,6 +1039,19 @@ void Settings::deregisterChangedCallback(const std::string &name,
}
}
+void Settings::removeSecureSettings()
+{
+ for (const auto &name : getNames()) {
+ if (name.compare(0, 7, "secure.") != 0)
+ continue;
+
+ errorstream << "Secure setting " << name
+ << " isn't allowed, so was ignored."
+ << std::endl;
+ remove(name);
+ }
+}
+
void Settings::doCallbacks(const std::string &name) const
{
MutexAutoLock lock(m_callback_mutex);
diff --git a/src/settings.h b/src/settings.h
index 7db5539b2..6db2f9481 100644
--- a/src/settings.h
+++ b/src/settings.h
@@ -207,6 +207,8 @@ public:
void deregisterChangedCallback(const std::string &name,
SettingsChangedCallback cbf, void *userdata = NULL);
+ void removeSecureSettings();
+
private:
/***********************
* Reading and writing *