added setting to allow enabling bytecode loading. use this at your own risk, and only if you're aware just how exploitable this can be... closes #58 for now

2025-09-16 10:51:55 -04:00 · 2014-01-05 13:27:33 +01:00 · 2014-01-05 13:27:33 +01:00 · d026b61295
commit d026b61295
parent 2b50e0b956
4 changed files with 20 additions and 2 deletions
--- a/assets/opencomputers/lua/kernel.lua
+++ b/assets/opencomputers/lua/kernel.lua
@ -66,8 +66,10 @@ sandbox = {
  end,
  ipairs = ipairs,
  load = function(ld, source, mode, env)
-    assert((mode or "t") == "t", "unsupported mode")
-    return load(ld, source, "t", env or sandbox)
+    if not allowBytecode() then
+      mode = "t"
+    end
+    return load(ld, source, mode, env or sandbox)
  end,
  loadfile = nil, -- in lib/base.lua
  next = next,
--- a/li/cil/oc/Settings.scala
+++ b/li/cil/oc/Settings.scala
@ -42,6 +42,7 @@ class Settings(config: Config) {
  val canComputersBeOwned = config.getBoolean("computer.canComputersBeOwned")
  val maxUsers = config.getInt("computer.maxUsers") max 0
  val maxUsernameLength = config.getInt("computer.maxUsernameLength") max 0
+  val allowBytecode = config.getBoolean("computer.allowBytecode")

  // ----------------------------------------------------------------------- //
  // robot
--- a/li/cil/oc/server/component/Computer.scala
+++ b/li/cil/oc/server/component/Computer.scala
@ -965,6 +965,13 @@ class Computer(val owner: tileentity.Computer) extends ManagedComponent with Con
      })
      lua.setGlobal("print")

+      // Whether bytecode may be loaded directly.
+      lua.pushScalaFunction(lua => {
+        lua.pushBoolean(Settings.get.allowBytecode)
+        1
+      })
+      lua.setGlobal("allowBytecode")
+
      // How long programs may run without yielding before we stop them.
      lua.pushNumber(Settings.get.timeout)
      lua.setGlobal("timeout")
--- a/reference.conf
+++ b/reference.conf
@ -72,6 +72,14 @@ opencomputers {
      # already running - they'll have to be rebooted for this to take effect.
      timeout: 1.0

+      # Whether to allow loading precompiled bytecode via Lua's `load` function,
+      # or related functions (`loadfile`, `dofile`). Enable this only if you
+      # absolutely trust all users on your server and all Lua code you run. This
+      # can be a MASSIVE SECURITY RISK, since precompiled code can easily be
+      # used for exploits, running arbitrary code on the real server! I cannot
+      # stress this enough: only enable this is you know what you're doing.
+      allowBytecode: false
+
      # The time in seconds to wait after a computer has been restored before it
      # continues to run. This is meant to allow the world around the computer
      # to settle, avoiding issues such as components in neighboring chunks