diff options
author | rubenwardy <rw@rubenwardy.com> | 2020-10-06 12:10:37 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-10-06 12:10:37 +0100 |
commit | e80fc22dd996e5b0efd8c4f67700c0920e323e46 (patch) | |
tree | 427232e6c7bcdf00d241f88c064314fbb6a7c435 /src | |
parent | f46509d5e2c681b6da2abdeb27779be3c36a6916 (diff) | |
download | minetest-e80fc22dd996e5b0efd8c4f67700c0920e323e46.tar.gz minetest-e80fc22dd996e5b0efd8c4f67700c0920e323e46.tar.bz2 minetest-e80fc22dd996e5b0efd8c4f67700c0920e323e46.zip |
Prevent games from setting secure settings (#10460)
Diffstat (limited to 'src')
-rw-r--r-- | src/content/subgames.cpp | 8 | ||||
-rw-r--r-- | src/content/subgames.h | 3 | ||||
-rw-r--r-- | src/settings.cpp | 13 | ||||
-rw-r--r-- | src/settings.h | 2 |
4 files changed, 23 insertions, 3 deletions
diff --git a/src/content/subgames.cpp b/src/content/subgames.cpp index 695ba431f..c6350f2dd 100644 --- a/src/content/subgames.cpp +++ b/src/content/subgames.cpp @@ -34,12 +34,17 @@ with this program; if not, write to the Free Software Foundation, Inc., // The maximum number of identical world names allowed #define MAX_WORLD_NAMES 100 +namespace +{ + bool getGameMinetestConfig(const std::string &game_path, Settings &conf) { std::string conf_path = game_path + DIR_DELIM + "minetest.conf"; return conf.readConfigFile(conf_path.c_str()); } +} + struct GameFindPath { std::string path; @@ -330,8 +335,11 @@ void loadGameConfAndInitWorld(const std::string &path, const std::string &name, // files that were loaded before. g_settings->clearDefaults(); set_default_settings(g_settings); + Settings game_defaults; getGameMinetestConfig(gamespec.path, game_defaults); + game_defaults.removeSecureSettings(); + g_settings->overrideDefaults(&game_defaults); infostream << "Initializing world at " << final_path << std::endl; diff --git a/src/content/subgames.h b/src/content/subgames.h index 35b619aaf..60392639b 100644 --- a/src/content/subgames.h +++ b/src/content/subgames.h @@ -53,9 +53,6 @@ struct SubgameSpec bool isValid() const { return (!id.empty() && !path.empty()); } }; -// minetest.conf -bool getGameMinetestConfig(const std::string &game_path, Settings &conf); - SubgameSpec findSubgame(const std::string &id); SubgameSpec findWorldSubgame(const std::string &world_path); diff --git a/src/settings.cpp b/src/settings.cpp index 56ab9e12b..f30ef34e9 100644 --- a/src/settings.cpp +++ b/src/settings.cpp @@ -1039,6 +1039,19 @@ void Settings::deregisterChangedCallback(const std::string &name, } } +void Settings::removeSecureSettings() +{ + for (const auto &name : getNames()) { + if (name.compare(0, 7, "secure.") != 0) + continue; + + errorstream << "Secure setting " << name + << " isn't allowed, so was ignored." + << std::endl; + remove(name); + } +} + void Settings::doCallbacks(const std::string &name) const { MutexAutoLock lock(m_callback_mutex); diff --git a/src/settings.h b/src/settings.h index 7db5539b2..6db2f9481 100644 --- a/src/settings.h +++ b/src/settings.h @@ -207,6 +207,8 @@ public: void deregisterChangedCallback(const std::string &name, SettingsChangedCallback cbf, void *userdata = NULL); + void removeSecureSettings(); + private: /*********************** * Reading and writing * |