Remove libraryPermissions in favor of loading safe(ish) stdlib part

This commit is contained in:
Mm2PL 2023-02-02 14:41:25 +01:00
parent 16d2d02787
commit 52832b43e5
No known key found for this signature in database
GPG key ID: 94AC9B80EFA15ED9
3 changed files with 19 additions and 48 deletions

View file

@ -26,8 +26,6 @@ struct PluginMeta {
std::vector<QString> tags;
std::set<QString> libraryPermissions;
explicit PluginMeta(const QJsonObject &obj)
: name(obj.value("name").toString("A Plugin with no name"))
, description(obj.value("description").toString("Nothing here"))
@ -51,17 +49,6 @@ struct PluginMeta {
{
this->tags.push_back(t.toString());
}
for (const auto &t : obj.value("library_permissions").toArray())
{
this->libraryPermissions.insert(t.toString());
}
}
bool hasDangerousLibraries()
{
const auto *perms = &this->libraryPermissions;
return perms->contains("io") || perms->contains("package") ||
perms->contains("os");
}
};

View file

@ -103,30 +103,36 @@ bool PluginController::tryLoadFromDir(const QDir &pluginDir)
}
void PluginController::openLibrariesFor(lua_State *L, PluginMeta meta)
{
// copied from linit.c
// NOLINTNEXTLINE
// Stuff to change, remove or hide behind a permission system:
static const std::vector<luaL_Reg> loadedlibs = {
luaL_Reg{LUA_GNAME, luaopen_base},
luaL_Reg{LUA_LOADLIBNAME, luaopen_package},
luaL_Reg{LUA_COLIBNAME, luaopen_coroutine},
// - print - writes to stdout, should be replaced with a per-plugin log
// - load, loadstring, loadfile, dofile - don't allow bytecode, *require* valid utf8 (which bytecode by design isn't)
// luaL_Reg{LUA_LOADLIBNAME, luaopen_package},
// - explicit fs access, probably best to make our own require() function
//luaL_Reg{LUA_COLIBNAME, luaopen_coroutine},
// - needs special support
luaL_Reg{LUA_TABLIBNAME, luaopen_table},
luaL_Reg{LUA_IOLIBNAME, luaopen_io},
luaL_Reg{LUA_OSLIBNAME, luaopen_os},
// luaL_Reg{LUA_IOLIBNAME, luaopen_io},
// - explicit fs access, needs wrapper with permissions, no usage ideas yet
// luaL_Reg{LUA_OSLIBNAME, luaopen_os},
// - fs access
// - environ access
// - exit
luaL_Reg{LUA_STRLIBNAME, luaopen_string},
luaL_Reg{LUA_MATHLIBNAME, luaopen_math},
luaL_Reg{LUA_UTF8LIBNAME, luaopen_utf8},
luaL_Reg{LUA_DBLIBNAME, luaopen_debug},
luaL_Reg{NULL, NULL},
// luaL_Reg{LUA_DBLIBNAME, luaopen_debug},
// - this allows the plugin developer to unleash all hell
};
for (const auto &reg : loadedlibs)
{
if (meta.libraryPermissions.contains(QString(reg.name)))
{
luaL_requiref(L, reg.name, reg.func, int(true));
lua_pop(L, 1);
}
}
}
void PluginController::load(QFileInfo index, QDir pluginDir, PluginMeta meta)

View file

@ -93,28 +93,6 @@ void PluginsPage::rebuildContent()
pl->addRow("Homepage", homepage);
pl->addRow("License", new QLabel(plugin->meta.license));
QString libString;
for (const auto &library : plugin->meta.libraryPermissions)
{
if (!libString.isEmpty())
{
libString += ", ";
}
libString += library;
}
bool hasDangerous = plugin->meta.hasDangerousLibraries();
if (hasDangerous)
{
libString += "\nDetected potentially dangerous libraries used, be "
"careful with this plugin";
}
auto *libs = new QLabel(libString);
if (hasDangerous)
{
libs->setStyleSheet("color: red");
}
pl->addRow("Used libraries", libs);
QString cmds;
for (const auto &cmdName : plugin->listRegisteredCommands())
{