Mirrorlandia_minetest/minetest
1
0
Fork 1
mirror of https://github.com/minetest/minetest.git synced 2024-11-27 10:03:45 +01:00
Code Issues Packages Projects Releases Wiki Activity

Remove debug.getupvalue from the Lua sandbox whitelist

Browse Source 
This function could be used to steal insecure environments from trusted mods.
This commit is contained in:
ShadowNinja 2016-03-02 23:59:42 -05:00
parent 8b006a154b
commit abd4a79acb
1 changed files with 0 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
src/script/cpp_api/s_security.cpp
View File

@ -116,7 +116,6 @@ void ScriptApiSecurity::initializeSecurity()
"upvaluejoin",
"sethook",
"debug",
"getupvalue",
"setlocal",
};
static const char *package_whitelist[] = {