| Posted by
| Nick Gammon
Australia (23,173 posts) Bio
Forum Administrator |
| Message
| Below is the new default "Lua sandbox" code supplied with MUSHclient 3.80. It will automatically be supplied for new copies of MUSHclient, or if you totally delete your old sandbox (File -> Global Preferences -> Lua) and close and re-open MUSHclient.
However if you prefer to keep some of your old sandbox code you can look at the code below and take the parts you want.
Important features are:
- Allows for the new "package" table - which is where DLLs are now loaded (package.loadlib).
- Allows for the fact that the "require" statement can load DLLs.
- Has 3 lines at the start for quickly changing the trust level for all worlds, all plugins, or to remove the new warning messages.
- To help debug trust problems now warns if you are loading an untrusted world or plugin. If the messages annoy you, you can turn them off (line 3 of the sandbox).
- Trusted worlds and plugins are now in a table so you can easily add new ones.
For example, loading an untrused world now gives me a message like this in the output window:
Untrusted world MUD1, ID: 5e8ea5927ab8ff08d802fefb
Lua sandbox created, some functions disabled.
Loading of DLLs is disabled.
If I decide to trust the scripts in this world then I can edit the sandbox and (near the bottom) change the list of trusted worlds to add the new world ID (mentioned in the warning message), like this:
local trusted_worlds = {
["5e8ea5927ab8ff08d802fefb"] = true, -- MUD1
} -- end of trusted_worlds
I removed the commented-out examples. Then as I wish to trust new worlds they get added to the list, eg.
local trusted_worlds = {
["5e8ea5927ab8ff08d802fefb"] = true, -- MUD1
["eac29f728e68fb8c94d0d70e"] = true, -- MUD2
} -- end of trusted_worlds
There is a similar process for plugins, however you also put in the plugin name as well (some example plugins are already there, which ship with MUSHclient or are available on this web site).
This is the new sandbox code:
trust_all_worlds = false -- change to true to trust all the worlds
trust_all_plugins = false -- change to true to trust all the plugins
warn_if_not_trusted = true -- change to false to suppress warnings
--[[
-- Lua initialization (sandbox) --> please read comments carefully.
-- Default initialization supplied with version 3.80.
Use this to create a "sandbox" for safe execution of non-trusted scripts.
If you only run your own scripts or plugins then you may not need this.
The code in this area is executed after each Lua script space is created
but before any of your scripts are done. This can be used to initialise things
(eg. load DLLs, load files, set up variables) or to disable things as shown below.
By setting a function name to nil you effectively make it unavailable.
You can remove some functions from a library rather than all of them, eg.
os.execute = nil -- no operating system calls
os.remove = nil -- no deleting files
os.rename = nil -- no renaming files
This script will automatically be replaced if you completely delete it from
the Global Preferences, and restart MUSHclient. To avoid this, leave a comment
in (if you don't want any further action taken).
--]]
-- Example sandbox --
function MakeSandbox ()
package.loadlib = nil -- disable loadlib function
package.loaders [3] = nil -- disable DLL loader
package.loaders [4] = nil -- disable all-in-one loader
io = nil -- no disk IO
-- replace 'os' table with one containing only safe functions
os = {
date = os.date,
time = os.time,
setlocale = os.setlocale,
clock = os.clock,
difftime = os.difftime,
}
if warn_if_not_trusted then
ColourNote ("yellow", "black",
"Lua sandbox created, some functions disabled.")
end -- if warn_if_not_trusted
end -- end of function MakeSandbox
-- default is to sandbox everything --
-- To trust individual worlds or plugins, add them to the lists below.
-- To find your current world ID, do this: /print (GetWorldID ())
-- Plugin IDs are mentioned near the start of every plugin.
-- You can limit the behaviour to specific worlds, or specific plugins
-- by doing something like this:
do
-- World IDs of worlds we trust - replace with your world IDs
-- (and remove comment from start of line)
local trusted_worlds = {
-- ["a4a1cc1801787ba88cd84f3a"] = true, -- example world A
-- ["cdc8552d1b251e449b874b9a"] = true, -- example world B
-- ["1ec5aac3265e472b97f0c103"] = true, -- example world C
} -- end of trusted_worlds
-- Plugin IDs of plugins we trust - add your plugins to the table
local trusted_plugins = {
[""] = "", -- trust main script (ie. if no plugin running)
["03ca99c4e98d2a3e6d655c7d"] = "Chat",
["982581e59ab42844527eec80"] = "Random_Socials",
["4a267cd69ba59b5ecefe42d8"] = "Installer_sumcheck",
["83beba4e37b3d0e7f63cedbc"] = "Reconnecter",
} -- end of trusted_plugins
-- check worlds
if not trust_all_worlds then
if not trusted_worlds [GetWorldID ()] then
if warn_if_not_trusted then
ColourNote ("yellow", "black", "Untrusted world " .. WorldName () ..
", ID: " .. GetWorldID ())
end -- if warn_if_not_trusted
MakeSandbox ()
end -- not trusted world or plugin
end -- not trusting all worlds
-- check plugins - check name *and* plugin ID
if not trust_all_plugins then
if trusted_plugins [GetPluginID ()] ~= GetPluginName () then
if warn_if_not_trusted then
ColourNote ("yellow", "black", "Untrusted plugin " .. GetPluginName () ..
", ID: " .. GetPluginID ())
end -- if warn_if_not_trusted
MakeSandbox ()
end -- not trusted world or plugin
end -- if not trusting all plugins
end -- local block
-- warn if we can't load DLLs (checkbox might be unchecked)
if not package.loadlib and warn_if_not_trusted then
ColourNote ("yellow", "black",
"Loading of DLLs in scripts is disabled.")
end -- if
|
- Nick Gammon
www.gammon.com.au, www.mushclient.com | | Top |
|
![[Go to top]](/images/gototop.gif){kind=small}
top