Add core.request_insecure_environment()

This commit is contained in:
ShadowNinja 2014-09-09 21:52:07 -04:00
parent 05ab9973f9
commit 6c06330daf
5 changed files with 46 additions and 4 deletions

@ -2290,13 +2290,20 @@ These functions return the leftover itemstack.
* `minetest.forceload_block(pos)`
* forceloads the position `pos`.
* returns `true` if area could be forceloaded
* Please note that forceloaded areas are saved when the server restarts.
* `minetest.forceload_free_block(pos)`
* stops forceloading the position `pos`
Please note that forceloaded areas are saved when the server restarts.
minetest.global_exists(name)
^ Checks if a global variable has been set, without triggering a warning.
* `minetest.request_insecure_environment()`: returns an environment containing
insecure functions if the calling mod has been listed as trusted in the
`secure.trusted_mods` setting or security is disabled, otherwise returns `nil`.
* Only works at init time.
* **DO NOT ALLOW ANY OTHER MODS TO ACCESS THE RETURNED ENVIRONMENT, STORE IT IN
A LOCAL VARIABLE!**
* `minetest.global_exists(name)`
* Checks if a global variable has been set, without triggering a warning.
### Global objects
* `minetest.env`: `EnvRef` of the server environment and world.

@ -571,4 +571,7 @@
# Prevent mods from doing insecure things like running shell commands.
#secure.enable_security = false
# Comma-separated list of trusted mods that are allowed to access insecure
# functions even when mod security is on (via request_insecure_environment()).
#secure.trusted_mods =

@ -273,6 +273,7 @@ void set_default_settings(Settings *settings)
settings->setDefault("emergequeue_limit_generate", "32");
settings->setDefault("num_emerge_threads", "1");
settings->setDefault("secure.enable_security", "false");
settings->setDefault("secure.trusted_mods", "");
// physics stuff
settings->setDefault("movement_acceleration_default", "3");

@ -32,6 +32,7 @@ with this program; if not, write to the Free Software Foundation, Inc.,
#include "filesys.h"
#include "settings.h"
#include "util/auth.h"
#include <algorithm>
// debug(...)
// Writes a line to dstream
@ -339,6 +340,30 @@ int ModApiUtil::l_mkdir(lua_State *L)
}
int ModApiUtil::l_request_insecure_environment(lua_State *L)
{
NO_MAP_LOCK_REQUIRED;
if (!ScriptApiSecurity::isSecure(L)) {
lua_getglobal(L, "_G");
return 1;
}
lua_getfield(L, LUA_REGISTRYINDEX, SCRIPT_MOD_NAME_FIELD);
if (!lua_isstring(L, -1)) {
lua_pushnil(L);
return 1;
}
const char *mod_name = lua_tostring(L, -1);
std::string trusted_mods = g_settings->get("secure.trusted_mods");
std::vector<std::string> mod_list = str_split(trusted_mods, ',');
if (std::find(mod_list.begin(), mod_list.end(), mod_name) == mod_list.end()) {
lua_pushnil(L);
return 1;
}
lua_getfield(L, LUA_REGISTRYINDEX, "globals_backup");
return 1;
}
void ModApiUtil::Initialize(lua_State *L, int top)
{
API_FCT(debug);
@ -366,6 +391,8 @@ void ModApiUtil::Initialize(lua_State *L, int top)
API_FCT(decompress);
API_FCT(mkdir);
API_FCT(request_insecure_environment);
}
void ModApiUtil::InitializeAsync(AsyncEngine& engine)

@ -90,6 +90,9 @@ private:
// mkdir(path)
static int l_mkdir(lua_State *L);
// request_insecure_environment()
static int l_request_insecure_environment(lua_State *L);
public:
static void Initialize(lua_State *L, int top);
@ -98,3 +101,4 @@ public:
};
#endif /* L_UTIL_H_ */