[0.4.12-dev] Mod security

Sokomine
Member
 
Posts: 3342
Joined: Sun Sep 09, 2012 17:31

Re: [0.4.12-dev] Mod security

by Sokomine » Tue Nov 29, 2016 20:27

I still have that problem stated in my previous postings: My handle_schematics mod can't work properly. It is in part a filie browser. Its purpose is to save schematics (so far so good - no problem there) and to place schematics into the world (WorldEdit, .mts or even .schematic format). Those schematics can be found in the worldname/schems/ folder (placed there by WorldEdit) or in some gamename/mods/modname/schems/* folder (may vary a bit from mod to mod). In order for my mod to be able to supply players with a way to transfer a building from one map to another, they need to be able to select it somehow. And the mod needs to be able to actually *read* the schema file. Just telling people to copy it over does not seem to be a good idea. Neither is telling them to turn security off.

I'd be fine with an extra, simple, easy-to-understand-and-check mod that provides read access to directories (filename extensions .mts, .schematic, .we and .meta are required - the rest is of no intrest anyway) and that provides read access to those files. Said read access is only required for files which *another world* or *another mod* could read anyway. The files need to be readable without having to be opened in the init phase.
A list of my mods can be found here.
 

User avatar
sfan5
Moderator
 
Posts: 3707
Joined: Wed Aug 24, 2011 09:44
Location: Germany
GitHub: sfan5
IRC: sfan5

Re: [0.4.12-dev] Mod security

by sfan5 » Wed Nov 30, 2016 09:47

Please open an issue on Github so this isn't overlooked before the release.
Mods: Mesecons | WorldEdit | Nuke & Minetest builds for Windows (32-bit & 64-bit)
 

Lichtbringer
New member
 
Posts: 1
Joined: Fri Feb 24, 2017 21:36
In-game: Lichtbringer

Re: [0.4.12-dev] Mod security

by Lichtbringer » Fri Feb 24, 2017 22:54

do_evil_thing() needs to check the environment for which mod requested it and not which mod is running currently.

request_insecure_environment() needs to set "environment.mod = mod with this command in it's code" and prohibit further change in this instance of insecure_environment.
 

Previous

Return to News



Who is online

Users browsing this forum: No registered users and 1 guest