MOO-cows Mailing List Archive


MOO trojan horse (was Re: more questions)

In message <>, "Mike Moore" writes:
> > [My try at an object only the owner can move]
> > @verb foo:moveto this none this
> > @program foo:moveto
> > if (player == this.owner)
> >   pass(@args);
> > [...]
> This is actually a small security leak.  The reason is, I could reprogram
> my :tell verb (a commonly called one) to try to move an object with the
> above code installed to wherever.  When that object's owner pages me,
> [...]
> A more robust approach would be:
> if ($perm_utils:controls (caller_perms(), this) && (player == this.owner))
> [...]

Thanks. A related question : how would you implement a similar check for
a verb that can be called both from the command level and deeper in the
stack ? Is that what caller is for ? I'm still wondering about what that's

How long do you think until we get MOO security consultants and tiger
teams on the job market ? :-(

Michel Lavondes (, speaking only for himself

"Yea, the heavens shall open and the NP-complete solution be given forth.
ATT executives shall give birth to two-headed operating systems, and 
copyrights shall be expunged. The voice of the GNU shall be heard, but
the faithless will be without transceivers." -- Steve Simmons

Follow-Ups: References:

Home | Subject Index | Thread Index