Create a filesystem abstraction layer for CSM and only allow accessing files that are scanned into it. (#5965)

* Load client-side mods into memory before executing them.

This removes the remaining filesystem access that client-sided mods had and it will hopefully make then more secure.

* Lua Virtual filesystem: don't load the files into memory just scan the filenames into memory.

* Fix the issues with backtrace

* fix most of the issues

* fix code style.

* add a comment

1 files changed, 6 insertions, 2 deletions

diff --git a/src/script/cpp_api/s_security.h b/src/script/cpp_api/s_security.h
index f0eef00bb..059dccef1 100644
--- a/src/script/cpp_api/s_security.h
+++ b/src/script/cpp_api/s_security.h
@@ -41,14 +41,18 @@ with this program; if not, write to the Free Software Foundation, Inc.,
 class ScriptApiSecurity : virtual public ScriptApiBase
 {
 public:
-	int backupGlobals(lua_State *L);
+	int getThread(lua_State *L);
+	// creates an empty Lua environment
+	void createEmptyEnv(lua_State *L);
+	// sets the enviroment to the table thats on top of the stack
+	void setLuaEnv(lua_State *L, int thread);
 	// Sets up security on the ScriptApi's Lua state
 	void initializeSecurity();
 	void initializeSecurityClient();
 	// Checks if the Lua state has been secured
 	static bool isSecure(lua_State *L);
 	// Loads a file as Lua code safely (doesn't allow bytecode).
-	static bool safeLoadFile(lua_State *L, const char *path);
+	static bool safeLoadFile(lua_State *L, const char *path, const char *display_name = NULL);
 	// Checks if mods are allowed to read (and optionally write) to the path
 	static bool checkPath(lua_State *L, const char *path, bool write_required,
 			bool *write_allowed=NULL);