diff options
| author | Giuseppe Bilotta <giuseppe.bilotta@gmail.com> | 2006-08-26 21:41:02 +0000 |
|---|---|---|
| committer | Giuseppe Bilotta <giuseppe.bilotta@gmail.com> | 2006-08-26 21:41:02 +0000 |
| commit | 83bfc1d808e63691b2f3081f903aa05684c379b6 (patch) | |
| tree | f6df6f0ccecdff16979691b99053ca0c1140bea9 | |
| parent | 4278e1faa85d60746004c47687b5834c135a54bb (diff) | |
script eval: unsafe, undocumented, not permitted by default
| -rw-r--r-- | ChangeLog | 2 | ||||
| -rw-r--r-- | data/rbot/plugins/script.rb | 17 |
2 files changed, 19 insertions, 0 deletions
@@ -13,6 +13,8 @@ be optional too, and default to nil or [] (resp. single- and multi-word parameters) unless an alternative is provided in the :defaults hash for the message map options. + * Script plugin: new (UNSAFE!) eval function. Not documented in help. + Not permitted by default. 2006-08-25 Mark Kretschmann <markey@web.de> diff --git a/data/rbot/plugins/script.rb b/data/rbot/plugins/script.rb index ff45df0b..e2669088 100644 --- a/data/rbot/plugins/script.rb +++ b/data/rbot/plugins/script.rb @@ -59,6 +59,7 @@ class ScriptPlugin < Plugin user = args.empty? ? m.sourcenick : args.first Thread.start { + # TODO allow different safe levels for different botusers $SAFE = 3 begin @@ -72,6 +73,20 @@ class ScriptPlugin < Plugin end + def handle_eval( m, params ) + code = params[:code].to_s.dup.untaint + Thread.start { + # TODO allow different safe levels for different botusers + begin + eval( code ) + rescue => e + m.reply( "Script '#{name}' crapped out :(" ) + m.reply( e.inspect ) + end + } + end + + def handle_add( m, params, force = false ) name = params[:name] if !force and @commands.has_key?( name ) @@ -140,10 +155,12 @@ end plugin = ScriptPlugin.new plugin.register( "script" ) plugin.default_auth( 'edit', false ) +plugin.default_auth( 'eval', false ) plugin.map 'script add -f :name *code', :action => 'handle_add_force', :auth_path => 'edit' plugin.map 'script add :name *code', :action => 'handle_add', :auth_path => 'edit' plugin.map 'script del :name', :action => 'handle_del', :auth_path => 'edit' +plugin.map 'script eval *code', :action => 'handle_eval' plugin.map 'script list :page', :action => 'handle_list', :defaults => { :page => '1' } plugin.map 'script show :name', :action => 'handle_show' |