BRNSystems/minetest
1
0
Fork 0
forked from Mirrorlandia_minetest/minetest
Code Pull Requests 1 Activity

Remove debug.getupvalue from the Lua sandbox whitelist

Browse Source 
This function could be used to steal insecure environments from trusted mods.
This commit is contained in:
ShadowNinja 2016-03-02 23:59:42 -05:00
parent 8b006a154b
commit abd4a79acb
1 changed files with 0 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
src/script/cpp_api/s_security.cpp
View File

@ -116,7 +116,6 @@ void ScriptApiSecurity::initializeSecurity()
"upvaluejoin", "upvaluejoin",
"sethook", "sethook",
"debug", "debug",
"getupvalue",
"setlocal", "setlocal",
}; };
static const char *package_whitelist[] = { static const char *package_whitelist[] = {