Prevent games from setting secure settings (#10460)

rubenwardy · web-flow · commit e80fc22dd996 · 2020-10-06T12:10:37.000+01:00
diff --git a/src/content/subgames.cpp b/src/content/subgames.cpp
@@ -34,12 +34,17 @@ with this program; if not, write to the Free Software Foundation, Inc.,
 // The maximum number of identical world names allowed
 #define MAX_WORLD_NAMES 100
 
+namespace
+{
+
 bool getGameMinetestConfig(const std::string &game_path, Settings &conf)
 {
 	std::string conf_path = game_path + DIR_DELIM + "minetest.conf";
 	return conf.readConfigFile(conf_path.c_str());
 }
 
+}
+
 struct GameFindPath
 {
 	std::string path;
@@ -330,8 +335,11 @@ void loadGameConfAndInitWorld(const std::string &path, const std::string &name,
 	// files that were loaded before.
 	g_settings->clearDefaults();
 	set_default_settings(g_settings);
+
 	Settings game_defaults;
 	getGameMinetestConfig(gamespec.path, game_defaults);
+	game_defaults.removeSecureSettings();
+
 	g_settings->overrideDefaults(&game_defaults);
 
 	infostream << "Initializing world at " << final_path << std::endl;
diff --git a/src/content/subgames.h b/src/content/subgames.h
@@ -53,9 +53,6 @@ struct SubgameSpec
 	bool isValid() const { return (!id.empty() && !path.empty()); }
 };
 
-// minetest.conf
-bool getGameMinetestConfig(const std::string &game_path, Settings &conf);
-
 SubgameSpec findSubgame(const std::string &id);
 SubgameSpec findWorldSubgame(const std::string &world_path);
 
diff --git a/src/settings.cpp b/src/settings.cpp
@@ -1039,6 +1039,19 @@ void Settings::deregisterChangedCallback(const std::string &name,
 	}
 }
 
+void Settings::removeSecureSettings()
+{
+	for (const auto &name : getNames()) {
+		if (name.compare(0, 7, "secure.") != 0)
+			continue;
+
+		errorstream << "Secure setting " << name
+				<< " isn't allowed, so was ignored."
+				<< std::endl;
+		remove(name);
+	}
+}
+
 void Settings::doCallbacks(const std::string &name) const
 {
 	MutexAutoLock lock(m_callback_mutex);
diff --git a/src/settings.h b/src/settings.h
@@ -207,6 +207,8 @@ class Settings {
 	void deregisterChangedCallback(const std::string &name,
 		SettingsChangedCallback cbf, void *userdata = NULL);
 
+	void removeSecureSettings();
+
 private:
 	/***********************
 	 * Reading and writing *

Original file line number	Diff line number	Diff line change
`@@ -1039,6 +1039,19 @@ void Settings::deregisterChangedCallback(const std::string &name,`
`1039`	`1039`	`}`
`1040`	`1040`	`}`
`1041`	`1041`
	`1042`	`+void Settings::removeSecureSettings()`
	`1043`	`+{`
	`1044`	`+ for (const auto &name : getNames()) {`
	`1045`	`+ if (name.compare(0, 7, "secure.") != 0)`
	`1046`	`+ continue;`
	`1047`	`+`
	`1048`	`+ errorstream << "Secure setting " << name`
	`1049`	`+ << " isn't allowed, so was ignored."`
	`1050`	`+ << std::endl;`
	`1051`	`+ remove(name);`
	`1052`	`+ }`
	`1053`	`+}`
	`1054`	`+`
`1042`	`1055`	`void Settings::doCallbacks(const std::string &name) const`
`1043`	`1056`	`{`
`1044`	`1057`	`MutexAutoLock lock(m_callback_mutex);`