Skip to content
Permalink
Browse files

Prevent games from setting secure settings (#10460)

  • Loading branch information
rubenwardy committed Oct 6, 2020
1 parent f46509d commit e80fc22dd996e5b0efd8c4f67700c0920e323e46
Showing with 23 additions and 3 deletions.
  1. +8 −0 src/content/subgames.cpp
  2. +0 −3 src/content/subgames.h
  3. +13 −0 src/settings.cpp
  4. +2 −0 src/settings.h
@@ -34,12 +34,17 @@ with this program; if not, write to the Free Software Foundation, Inc.,
// The maximum number of identical world names allowed
#define MAX_WORLD_NAMES 100

namespace
{

bool getGameMinetestConfig(const std::string &game_path, Settings &conf)
{
std::string conf_path = game_path + DIR_DELIM + "minetest.conf";
return conf.readConfigFile(conf_path.c_str());
}

}

struct GameFindPath
{
std::string path;
@@ -330,8 +335,11 @@ void loadGameConfAndInitWorld(const std::string &path, const std::string &name,
// files that were loaded before.
g_settings->clearDefaults();
set_default_settings(g_settings);

Settings game_defaults;
getGameMinetestConfig(gamespec.path, game_defaults);
game_defaults.removeSecureSettings();

g_settings->overrideDefaults(&game_defaults);

infostream << "Initializing world at " << final_path << std::endl;
@@ -53,9 +53,6 @@ struct SubgameSpec
bool isValid() const { return (!id.empty() && !path.empty()); }
};

// minetest.conf
bool getGameMinetestConfig(const std::string &game_path, Settings &conf);

SubgameSpec findSubgame(const std::string &id);
SubgameSpec findWorldSubgame(const std::string &world_path);

@@ -1039,6 +1039,19 @@ void Settings::deregisterChangedCallback(const std::string &name,
}
}

void Settings::removeSecureSettings()
{
for (const auto &name : getNames()) {
if (name.compare(0, 7, "secure.") != 0)
continue;

errorstream << "Secure setting " << name
<< " isn't allowed, so was ignored."
<< std::endl;
remove(name);
}
}

void Settings::doCallbacks(const std::string &name) const
{
MutexAutoLock lock(m_callback_mutex);
@@ -207,6 +207,8 @@ class Settings {
void deregisterChangedCallback(const std::string &name,
SettingsChangedCallback cbf, void *userdata = NULL);

void removeSecureSettings();

private:
/***********************
* Reading and writing *

0 comments on commit e80fc22

Please sign in to comment.
You can’t perform that action at this time.