cleolibrary / CLEO5

CLEO 5 for GTA San Andreas
https://cleo.li
MIT License
57 stars 6 forks source link

Limit File operations #167

Closed x87 closed 3 months ago

x87 commented 4 months ago

https://github.com/cleolibrary/CLEO5/blob/f4ee380c68ab78486c06c2abfe775b4e7e324a58/cleo_plugins/FileSystemOperations/FileSystemOperations.cpp#L529

It is very harmful operation and should be limited to avoid causing damage from flawed logic or bad scripts. Script should only be able to delete files it created in the first place, there is never a case when you allow deleting random files/directories.

We need to keep track of files/directories created by current script, then use this information when deleting files/directories. Deleting a file/directory that is not on the list should be a noop with a warning. Copying a file creates an ownership over the copy, but not original.

Same logic should be applied to move operations, as moving an important file can break user environment

MiranDMC commented 3 months ago

Done in Alpha.67 Simply limited file paths used in opcodes to game root or game settings directory. More advanced peer-script file ownership can not be done reliably, creating some scenarios where script will be not able to edit file it created itself.