[0.4.12-dev] Mod security
-
- Member
- Posts: 4290
- Joined: Sun Sep 09, 2012 17:31
- GitHub: Sokomine
- IRC: Sokomine
- In-game: Sokomine
Re: [0.4.12-dev] Mod security
I still have that problem stated in my previous postings: My handle_schematics mod can't work properly. It is in part a filie browser. Its purpose is to save schematics (so far so good - no problem there) and to place schematics into the world (WorldEdit, .mts or even .schematic format). Those schematics can be found in the worldname/schems/ folder (placed there by WorldEdit) or in some gamename/mods/modname/schems/* folder (may vary a bit from mod to mod). In order for my mod to be able to supply players with a way to transfer a building from one map to another, they need to be able to select it somehow. And the mod needs to be able to actually *read* the schema file. Just telling people to copy it over does not seem to be a good idea. Neither is telling them to turn security off.
I'd be fine with an extra, simple, easy-to-understand-and-check mod that provides read access to directories (filename extensions .mts, .schematic, .we and .meta are required - the rest is of no intrest anyway) and that provides read access to those files. Said read access is only required for files which *another world* or *another mod* could read anyway. The files need to be readable without having to be opened in the init phase.
I'd be fine with an extra, simple, easy-to-understand-and-check mod that provides read access to directories (filename extensions .mts, .schematic, .we and .meta are required - the rest is of no intrest anyway) and that provides read access to those files. Said read access is only required for files which *another world* or *another mod* could read anyway. The files need to be readable without having to be opened in the init phase.
A list of my mods can be found here.
-
- Moderator
- Posts: 4095
- Joined: Wed Aug 24, 2011 09:44
- GitHub: sfan5
- IRC: sfan5
- Location: Germany
Re: [0.4.12-dev] Mod security
Please open an issue on Github so this isn't overlooked before the release.
-
- New member
- Posts: 1
- Joined: Fri Feb 24, 2017 21:36
- In-game: Lichtbringer
Re: [0.4.12-dev] Mod security
do_evil_thing() needs to check the environment for which mod requested it and not which mod is running currently.
request_insecure_environment() needs to set "environment.mod = mod with this command in it's code" and prohibit further change in this instance of insecure_environment.
request_insecure_environment() needs to set "environment.mod = mod with this command in it's code" and prohibit further change in this instance of insecure_environment.
Re: [0.4.12-dev] Mod security
How can i modify it on my computer?
is there a way to destroy it?
(if it's a lua file, where is it)
I HATE IT
(GOOD IDEA, BUT JUST ANNOYING IF IT CANT BE TURNED OFF IN MINETEST 4.1.6 Ubuntu (tried turn off, does not work : ((( )
is there a way to destroy it?
(if it's a lua file, where is it)
I HATE IT
(GOOD IDEA, BUT JUST ANNOYING IF IT CANT BE TURNED OFF IN MINETEST 4.1.6 Ubuntu (tried turn off, does not work : ((( )
Last edited by KGM on Tue May 08, 2018 18:06, edited 1 time in total.
When I first came here, this was all swamp. Everyone said I was daft to build a castle on a swamp, but I built in all the same, just to show them.
- Phoenixflo44
- Member
- Posts: 639
- Joined: Fri Jul 28, 2017 15:01
- In-game: EvilPhoenix
- Location: Behind my PC, in Germany
- rubenwardy
- Moderator
- Posts: 6978
- Joined: Tue Jun 12, 2012 18:11
- GitHub: rubenwardy
- IRC: rubenwardy
- In-game: rubenwardy
- Location: Bristol, United Kingdom
- Contact:
Re: [0.4.12-dev] Mod security
Write better code. The sandbox should never be disabledKGM wrote:How can i modify it on my computer?
is there a way to destroy it?
(if it's a lua file, where is it)
I HATE IT
- Phoenixflo44
- Member
- Posts: 639
- Joined: Fri Jul 28, 2017 15:01
- In-game: EvilPhoenix
- Location: Behind my PC, in Germany
Re: [0.4.12-dev] Mod security
True, everyone has limited programming skills and so sometimes minetest doesn't want to be
Spoiler
I hate my life
Re: [0.4.12-dev] Mod security
@ rubenwardy: but its annoying if you can't disable it on your computer,
i tried to write senseful clientmod for me alone, didn't work, no os.execute, disable mod security also not work, says disabled, still no execute!
plz anyone tell me how kill it so it doesn't bother me again?
i tried to write senseful clientmod for me alone, didn't work, no os.execute, disable mod security also not work, says disabled, still no execute!
plz anyone tell me how kill it so it doesn't bother me again?
Last edited by KGM on Tue May 08, 2018 18:10, edited 1 time in total.
When I first came here, this was all swamp. Everyone said I was daft to build a castle on a swamp, but I built in all the same, just to show them.
- rubenwardy
- Moderator
- Posts: 6978
- Joined: Tue Jun 12, 2012 18:11
- GitHub: rubenwardy
- IRC: rubenwardy
- In-game: rubenwardy
- Location: Bristol, United Kingdom
- Contact:
Re: [0.4.12-dev] Mod security
You can't disable security on the client API as that's a massive security risk, the client API isn't designed for what you want to do
Re: [0.4.12-dev] Mod security
just why, my computer had a price of 40 €, there is also no really sensitive data, why can't i take that risk?
(may there be a way to corrupt minetest core files in a way security breaks? any help appreciat.)
(may there be a way to corrupt minetest core files in a way security breaks? any help appreciat.)
When I first came here, this was all swamp. Everyone said I was daft to build a castle on a swamp, but I built in all the same, just to show them.
- Krock
- Developer
- Posts: 4650
- Joined: Thu Oct 03, 2013 07:48
- GitHub: SmallJoker
- Location: Switzerland
- Contact:
Re: [0.4.12-dev] Mod security
This is for real a very surprising mentality, however, you can use the following steps to get the CSM security away:KGM wrote:i tried to write senseful clientmod for me alone, didn't work, no os.execute, disable mod security also not work, says disabled, still no execute!
plz anyone tell me how kill it so it doesn't bother me again?
1) Open minetest_source_code/src/script/scripting_client.cpp
2) Comment our or remove the line " initializeSecurityClient(); "
3) Compile Minetest
4) ???
5) Profit.
Without security, the (client) mods can remove, corrupt, overwrite or encrypt all of the files to which you as user have access to. You can get the maximal destruction potential out of it by running Minetest as root or administrator (Windows).
Before you're asking for a setting to disable the security: We simply cannot make for each and every feature a setting to disable it. It might look different if tens of people would request such a setting - but not in single cases.
Look, I programmed a bug for you. >> Mod Search Engine << - Mods by Krock - DuckDuckGo mod search bang: !mtmod <keyword here>
Re: [0.4.12-dev] Mod security
THX very much!
When I first came here, this was all swamp. Everyone said I was daft to build a castle on a swamp, but I built in all the same, just to show them.
Who is online
Users browsing this forum: No registered users and 7 guests