MOO-cows Mailing List Archive
Re: [SECURITY] the basics? (was Re: force_input() and $do_command())
Date: Sun, 7 Jul 1996 18:32:16 PDT
From: Richard Godard <firstname.lastname@example.org>
Content-Type: text/plain; charset="us-ascii"
Illegal-Object: Syntax error in References: value found on alpha.xerox.com: References: Richard Godard's message of Sun, 7 Jul 1996 02: 41: 44 PDT < v03007600ae0532bb993c @ [188.8.131.52] > ^ ^ ^-illegal reference separator | \-illegal reference separator \-illegal reference separator
At 16:03 -0800 7/7/96, Judy Anderson wrote:
> Date: Sun, 7 Jul 1996 02:41:44 PDT
> From: Richard Godard <email@example.com>
> Some food for thought: it's not because caller_perms() are not valid that
> it's safe to set_task_perms(player). (Those who laugh hand have not fixed
> their $root_class:huh lose 1 clone :)
>I'm confused. $root_class:huh is
> 1: set_task_perms(valid(caller_perms()) ? caller_perms() | player);
> 2: $command_utils:do_huh(verb, args);
>I think this is safe. If you think it unsafe, under what
>circumstances can it be called other than by "player"'s typing a
>command line, and what would you recommend as a security check?
Think a bit. Underwhat abnormal circumstancies can caller_perms() be non
valid? Some smart hacker using a recycled object perms.
Now I think to remember that only the server calls verbs with permisions
set to #-1 (well except if you do a set_task_perms(#-1) but that usully not
a thing hackers can do easily)
so here we go:
"... some valid perms? let's use them ...";
elseif (cp == #-1 && !callers())
"... sever task, peace and love, player should be secure ..."
"... dunno what's going on, take no chance: trash ...";
Of course you might wonder why to care about the huh stack... well I would
say you sometime find pretty nifty wiz verbs on wiz features...
I hope this help.
Janus (who think he posted that JHM *security and to Lambda *wiz eons ago...)
Subject Index |