Arbitrary code execution is very dangerous. Limit to debug mode.

The filter command allows users with sufficient permission (or OPs) to
execute arbitrary JavaScript (no sandboxing). This is fine for
debugging and testing, but could potentially be exploited in a
production environment.

Instead, we disable this command by default and force users to enable it
specifically in the configuration file (not through commands). If
someone has access to the config.yml file, they probably also have
access to the plugins/ folder and thus the ability to install plugins
with arbitrary code execution as well.
This commit is contained in:
Kristian 2013-04-07 15:57:01 +02:00
parent 15980d70fb
commit 3ee38d7b6d
4 changed files with 41 additions and 4 deletions


@ -221,12 +221,16 @@ public class CommandFilter extends CommandBase {
// Owner plugin
private final Plugin plugin;
// Whether or not the command is enabled
private ProtocolConfig config;
// Script engine
private ScriptEngine engine;
public CommandFilter(ErrorReporter reporter, Plugin plugin) {
public CommandFilter(ErrorReporter reporter, Plugin plugin, ProtocolConfig config) {
super(reporter, CommandBase.PERMISSION_ADMIN, NAME, 2);
this.plugin = plugin;
this.config = config;
// Start the engine
initalizeScript();
@ -271,6 +275,11 @@ public class CommandFilter extends CommandBase {
*/
@Override
protected boolean handleCommand(CommandSender sender, String[] args) {
if (!config.isDebug()) {
sender.sendMessage(ChatColor.RED + "Debug mode must be enabled in the configuration first!");
return true;
}
final SubCommand command = parseCommand(args, 0);
final String name = args[1];
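Review bot: The comment on the new `config` field near the top of the hunk (`// Whether or not the command is enabled`) describes a boolean, but the field holds the whole `ProtocolConfig`; the actual gate lives in `handleCommand`, so the comment should read `// Plugin configuration; handleCommand refuses to run unless config.isDebug() is true`. The field should also be `final` like `plugin`, and the constructor should reject a missing config up front with `this.config = Objects.requireNonNull(config, "config");` (needs `java.util.Objects`) so a null does not surface later as an NPE inside the command handler. Note that `initalizeScript()` still runs in the constructor regardless of the flag, so the engine is created even while the command is refused; if nothing else uses the engine, creating it lazily on the first permitted invocation would keep it out of memory while disabled, but I cannot tell from this hunk whether other callers depend on it. Both the constructor and `handleCommand` continue outside the hunk.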


@ -40,6 +40,8 @@ class ProtocolConfig {
private static final String IGNORE_VERSION_CHECK = "ignore version check";
private static final String BACKGROUND_COMPILER_ENABLED = "background compiler";
private static final String DEBUG_MODE_ENABLED = "debug";
private static final String INJECTION_METHOD = "injection method";
private static final String UPDATER_NOTIFY = "notify";
@ -141,6 +143,24 @@ class ProtocolConfig {
updater.set(UPDATER_DOWNLAD, value);
}
/**
* Determine whether or not debug mode is enabled.
* <p>
* This grants access to the filter command.
* @return TRUE if it is, FALSE otherwise.
*/
public boolean isDebug() {
return global.getBoolean(DEBUG_MODE_ENABLED, false);
}
/**
* Set whether or not debug mode is enabled.
* @param value - TRUE if it is enabled, FALSE otherwise.
*/
public void setDebug(boolean value) {
global.set(DEBUG_MODE_ENABLED, value);
}
/**
* Retrieve the amount of time to wait until checking for a new update.
* @return The amount of time to wait.
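Review bot: The new `setDebug` setter (`global.set(DEBUG_MODE_ENABLED, value)`) introduces a runtime toggle for a flag the commit description says must only be changed in the configuration file, and nothing in the visible hunks calls it. If it is kept for tests or internal use, its Javadoc should say so explicitly, e.g. `Intended for internal use only; do not expose through a command, since debug mode enables unsandboxed script execution and is meant to be set in config.yml.`, otherwise removing it keeps the "config-file only" guarantee structural rather than conventional. `isDebug` falling back to `false` when the key is absent is the right fail-closed default and is worth stating in its Javadoc (`Defaults to FALSE when the key is missing.`). The `ProtocolConfig` class extends beyond the hunk.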


@ -130,6 +130,11 @@ public class ProtocolLibrary extends JavaPlugin {
}
}
// Print the state of the debug mode
if (config.isDebug()) {
logger.warning("Debug mode is enabled!");
}
try {
// Check for other versions
checkConflictingVersions();
@ -162,7 +167,7 @@ public class ProtocolLibrary extends JavaPlugin {
// Initialize command handlers
commandProtocol = new CommandProtocol(detailedReporter, this, updater, config);
commandFilter = new CommandFilter(detailedReporter, this);
commandFilter = new CommandFilter(detailedReporter, this, config);
commandPacket = new CommandPacket(detailedReporter, this, logger, commandFilter, protocolManager);
// Send logging information to player listeners too
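Review bot: The startup warning `logger.warning("Debug mode is enabled!")` does not say what the flag permits, so an operator scanning the log has no cue that a command executing arbitrary scripts is now live; `logger.warning("Debug mode is enabled - the filter command can execute arbitrary scripts. Set debug: false in config.yml on production servers.");` makes the consequence and the remedy visible. Since the warning is emitted only at this point, a flag flipped after startup (if the configuration can be reloaded at runtime) would go unannounced until restart; a short comment noting that is enough. The enclosing method continues outside the hunk.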


@ -19,3 +19,6 @@ global:
# Override the starting injecting method
injection method:
# Whether or not to enable the filter command
debug: false
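Review bot: The comment `# Whether or not to enable the filter command` undersells what the key does, and config.yml is where an operator decides whether to flip it. It should name the risk, e.g. `# Enables the filter command, which executes unsandboxed JavaScript supplied by admins. Keep this false on production servers.` The default of `false` matches the fail-closed behaviour in `ProtocolConfig.isDebug()`.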