On Tue, Nov 15, 2011 at 10:11:58PM +0200, Marko Lindqvist wrote: > On 15 November 2011 21:52, Michal Mazurek <[email protected]> wrote: > > a ruleset I download from dubious sources does > > not, from it's script.lua, run a file i already have on my filesystem, > > that's nasty. Even though it could just contain it, > > You consider all files already in your system something that everyone > should be allowed to read/use? It could hardly contain something that > its author does not know contents of. > Not that I can come up with any real attack scenario offhand, but > better to be safe than sorry.
Can there at least be a GNU-style flag like --allow-lua-dofile? -- Michal Mazurek _______________________________________________ Freeciv-dev mailing list [email protected] https://mail.gna.org/listinfo/freeciv-dev
