MOO-cows Mailing List Archive

[Prev][Next][Index][Thread]

Re: @create



At 7:12 PM 5/12/96, Chris Jones wrote:
>        What I did to fix that is:
>#1) Removed the wizard check from $quota_utils:bi_create,
>#2) Protected the create() builtin via $server_options.protect_create
>#3) Set up $bf_create() along these lines:
>
>        if (!length(children($garbage)))
>        set_task_perms(#2);
>        foo = create();
>        chparent(foo, args[<whatever it is>]);
>        $wiz_utils:chown(foo, args[<whatever it is>]);
>        set_task_perms(caller_perms);
>        return foo;
>        else
>        set_task_perms(#2);
>        foo = children($garbage)[random(length(children($garbage)))];
>        chparent(foo, args[<whatever it is>]);
>        $wiz_utils:chown(foo, args[<whatever it is>]);
>        set_task_perms(caller_perms);
>        return foo;
>        endif

There are several things wrong with this approach.  First, it doesn't check
to make sure that the garbage item picked is inside the recycler.  Some
could have a valid reason for having a garbage object, and this would cause
some random object across the MOO be chowned and chparented.  It doesn't
even clear off whatever additions that player made to it in properties or
verbs, which is a huge security hole.  (Besides, why use a tick hungry
random way of picking which garbage item is used?  Just use [1], the first
one it can find.)  It isn't object orientated at all, in design - it should
allow the $recycler to handle recreation of a recycled object, which is
what it's designed for.  Also, I don't think that create() is a good place
to put this code, because you need to be able to access raw create() for
things like player creation, to insure that all new players get a never
before used number (or Very Bad Things Will Happn.)

In other words, the code you posted fixes no real problems and only opens
up security holes and other related troubles.

To fix the frand's PC problem just chmod #42:controls -d, or program in
error checking into #42:controls to ensure that it's passed the right
arguments, or, better, program Frand's PC to be a little more forgiving of
invalid programmers in controls(), because that's the real cause of the
traceback.  (Perhaps surround the call to #42:controls() by a TRY
statement?)

Phantom

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.6.2

mQCPAzEtexUAAAEEALPfu202DEwxLQ96BwKL5liDPzdCVox/iSbc201h5oTzLGmT
v1PU+TmeS/lEtTvVe5WVZ3iDjjKDcoWwc1MRmbCMMVosywXEiXoLqWBTj+hlcKXA
//TpyK4RRBZodr6eFesy2wSphpXTtJnIduKMDP0XuVgcrOILMUa1Zcdw+pa1ABEB
AAG0LVJpY2hhcmQgQ29ubmFtYWNoZXIgPHBoYW50b21AYmF5bW9vLnNmc3UuZWR1
Pg==
=iME4
-----END PGP PUBLIC KEY BLOCK-----




Follow-Ups:

Home | Subject Index | Thread Index