Nasal security: don't break file dialogs

Include the directory itself when allowing reading
Don't kill the script on a denied directory read

diff --git a/src/Main/util.cxx b/src/Main/util.cxx
index 523893b5b0e8025499f655c207b477cf395f90f3..cfc12cb5fa2aeee1c9c9e852f457ed9ce6405066 100644 (file)
--- a/src/Main/util.cxx
+++ b/src/Main/util.cxx
@@ -101,6 +101,8 @@ void fgInitAllowedPaths()
 #endif
     read_allowed_paths.push_back(fg_root + sep + "*");
     read_allowed_paths.push_back(fg_home + sep + "*");
+    read_allowed_paths.push_back(fg_root);
+    read_allowed_paths.push_back(fg_home);
     string_list const aircraft_paths = globals->get_aircraft_paths();
     string_list const scenery_paths = globals->get_secure_fg_scenery();
     // not plain fg_scenery, to avoid making
@@ -124,6 +126,7 @@ void fgInitAllowedPaths()
               exit(-1);
           }
           read_allowed_paths.push_back(SGPath(*it).realpath() + sep + "*");
+          read_allowed_paths.push_back(SGPath(*it).realpath());
       }
     }
 

diff --git a/src/Scripting/NasalSys.cxx b/src/Scripting/NasalSys.cxx
index dcd996540d68d1cdcabf9bf8be4c9cb5000a56f1..e5174c3158d3319e88898507de8d42df60c0af34 100644 (file)
--- a/src/Scripting/NasalSys.cxx
+++ b/src/Scripting/NasalSys.cxx
@@ -581,7 +581,7 @@ static naRef f_directory(naContext c, naRef me, int argc, naRef* args)
         naStr_data(args[0]) << "' denied (unauthorized directory - authorization"
         " no longer follows symlinks; to authorize reading additional "
         "directories, add them to --fg-aircraft)");
-        naRuntimeError(c, "directory(): access denied (unauthorized directory)");
+        // to avoid breaking dialogs, pretend it doesn't exist rather than erroring out
         return naNil();
     }