On Tue, Nov 15, 2011 at 07:11:10PM +0100, Matthias Pfafferodt wrote:
> > In S2_3 there is only lua that executes a line of lua code. There is no
> > functionality to load a file, I'll try to backport it to my repo
> > tomorrow.
> > 
> > 
> > Frankly, I don't understand how that helps with security. If you are the
> > administrator you can do anything anyway, so why restrict yourself?
> > Could you please provide a scenario when dofile can lead to something
> > nasty?
> This restriction is a long time thing for freeciv. This prevents bad scripts 
> from doing nasty things, or do you check all scripts you run (new rulesets, 
> etc)? Also, not everybody who runs a server is an admin and knows what can 
> happen if there is something hidden in a script file.

I still don't get it. Where does the included nasty code come from in
the first place? Or differently: why do you assume script.lua is ok,
while something that's included is not? From what I understand, this
restriction is so that a ruleset I download from dubious sources does
not, from its script.lua, run a file I already have on my filesystem,
that's nasty. Even though it could just contain it, instead of dofileing
it in the first place. dofile in Lua is just like #include in C. I
really see no harm in allowing it.

Michal Mazurek
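
The restriction debated in this thread, as an added example that is not part of the original messages and is not Freeciv's code: a Lua chunk run with an allowlisted environment, so that neither `dofile` nor inline `io` calls are reachable from the script. The function names, the allowlist, the `log` table and the sample scripts are assumptions made for illustration.

```lua
-- Added illustration; not Freeciv's code. All names here are hypothetical.

-- Globals the untrusted chunk may see. dofile, loadfile, require, io and
-- os are left out, so the chunk has no named route to the filesystem.
local function new_env()
  return {
    ipairs = ipairs, pairs = pairs, tostring = tostring, type = type,
    log = {},  -- written by the chunk; stands in for a game-side API
  }
end

-- Compile src as source text and run it with env as its only global table.
local function run_sandboxed(src, env)
  -- Precompiled chunks start with ESC (byte 27); accept source text only.
  if src:byte(1) == 27 then return false, "bytecode rejected" end
  local chunk, err
  if setfenv then                          -- Lua 5.1
    chunk, err = loadstring(src, "=ruleset")
    if chunk then setfenv(chunk, env) end
  else                                     -- Lua 5.2 and later
    chunk, err = load(src, "=ruleset", "t", env)
  end
  if not chunk then return false, err end
  return pcall(chunk)                      -- runtime errors come back as values
end

-- Constructed sample scripts (paths are placeholders).
local samples = {
  benign  = [[ log[#log + 1] = "turn started" ]],
  include = [[ dofile("/tmp/other.lua") ]],
  inline  = [[ local f = io.open("/tmp/example.txt", "r") ]],
}

for _, name in ipairs({ "benign", "include", "inline" }) do
  local ok, err = run_sandboxed(samples[name], new_env())
  print(name, ok, err)
end
```

With this environment the `include` and `inline` samples both stop with a nil-value error, while the `benign` sample runs to completion.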

