MOO-cows Mailing List Archive


Re: Guests on the MOO

Sorry if this is old, but I got emailbombed and finally got it cleared 
and have been able to go through the old email that I got a while ago 
before the bomb...

On Wed, 10 Apr 1996, Brian E. Murfin wrote:
> Many thanks to the people who responded on the issue of MOO security.  
> I've got another question:  Because our MOO will be used by secondary 
> school students, we need to provide a secure and safe environment.  I 
> would like to only allow guests to look, access help, and navigate 
> through the MOO.  All other commands would be disabled for visitors.  What 
> would be the easiest and most secure way of doing this?

You could create a barren player class for guests, with only a couple of 
commands and nothing else, but don't forget that they can still issue 
commands based on verbs that lie elsewhere, such as picking up a $thing, 
or sneaking a call of another player's "spam any" verb by calling it as 
"spam this".

The only way to really be secure about it is to create a child of 
$player, name it, say, "Blinders Layer", and give it one verb, * any any 
any.  (Be sure that it is -x, or else Bad Things will happen.)  Program 
it to return player:notify("I don't understand that.");.  This will act 
as a set of blinders (like the ones horses wear to keep them from 
wandering astray when someone's riding them), that allow you to limit 
what commands any descendant of this layer can issue.  Basically, any 
command that is NOT declared on the descendant of this will be 
intercepted by the * verb and will not be allowed to go on for further 

Then, @chparent $guest to the Blinders Layer, and then stick whatever 
commands on $guest that you want guests to have.  Because of the Blinders 
Layer, guests will not be able to issue ANY other commands than what you 
directly give them here.

I hope this helps.



Home | Subject Index | Thread Index