Implement script sandboxing for main menu

2025-06-27 16:36:03 +00:00 · 2024-11-03 16:53:01 +01:00 · 2024-11-03 16:53:01 +01:00 · ea4ae55e24
commit ea4ae55e24
parent 1fd4e0b82d
10 changed files with 146 additions and 126 deletions
--- a/src/script/scripting_mainmenu.cpp
+++ b/src/script/scripting_mainmenu.cpp
@ -12,11 +12,14 @@
 #include "lua_api/l_util.h"
 #include "lua_api/l_settings.h"
 #include "log.h"
+#include "filesys.h"
+#include "porting.h"

 extern "C" {
 #include "lualib.h"
 }
-#define MAINMENU_NUM_ASYNC_THREADS 4
+
+#define MAINMENU_NUM_ASYNC_THREADS 2


 MainMenuScripting::MainMenuScripting(GUIEngine* guiengine):
@ -26,6 +29,8 @@ MainMenuScripting::MainMenuScripting(GUIEngine* guiengine):

 	SCRIPTAPI_PRECHECKHEADER

+	initializeSecurity();
+
 	lua_getglobal(L, "core");
 	int top = lua_gettop(L);

@ -69,6 +74,42 @@ void MainMenuScripting::registerLuaClasses(lua_State *L, int top)
 	MainMenuSoundHandle::Register(L);
 }

+bool MainMenuScripting::mayModifyPath(const std::string &path)
+{
+	if (fs::PathStartsWith(path, fs::TempPath()))
+		return true;
+
+	std::string path_user = fs::RemoveRelativePathComponents(porting::path_user);
+
+	if (fs::PathStartsWith(path, path_user + DIR_DELIM "client"))
+		return true;
+	if (fs::PathStartsWith(path, path_user + DIR_DELIM "games"))
+		return true;
+	if (fs::PathStartsWith(path, path_user + DIR_DELIM "mods"))
+		return true;
+	if (fs::PathStartsWith(path, path_user + DIR_DELIM "textures"))
+		return true;
+	if (fs::PathStartsWith(path, path_user + DIR_DELIM "worlds"))
+		return true;
+
+	if (fs::PathStartsWith(path, fs::RemoveRelativePathComponents(porting::path_cache)))
+		return true;
+
+	return false;
+}
+
+bool MainMenuScripting::checkPathAccess(const std::string &abs_path, bool write_required,
+	bool *write_allowed)
+{
+	if (mayModifyPath(abs_path)) {
+		if (write_allowed)
+			*write_allowed = true;
+		return true;
+	}
+	// TODO?: global read access sounds too broad
+	return !write_required;
+}
+
 void MainMenuScripting::beforeClose()
 {
 	SCRIPTAPI_PRECHECKHEADER