MOO-cows Mailing List Archive


Re: Security... and stuff

At 05:22 PM 7/20/96 PDT, Don Schwarz wrote:
>On Sat, 20 Jul 1996, Kipp the Kidd wrote:
>> At 03:02 AM 7/19/96 PDT, wrote:
>> >Not just security holes.. Allowing players to call ;force_input on
>> >themselves allows them to create a new kind of forkbomb, a hard to find
>> >one. make a verb that calls force_input on yourself, calling that verb.
>> >(Call force_input only once if you just want to see if it works, call it
>> >twice or more if you want to see what happens to the server) You can't see
>> >it in the forked list, and i don't think there is a way to kill the tasks
>> >(yet ?) from within the server...
>> Yes, there is.
>> Disconnect the player.
>Well, I haven't tried it but I'm guessing that this won't work.  One of the
>main reasons that the .flush command was created is that in 1.8.0, when
>players disconnect, their command queue stays around until it's empty.
>So I doubt disconnecting them will do any good at all.  I'm also not sure
>about doing a
>  ;force_input(foo, connection_options(foo, "flush-command"))
>like someone suggested since I think someone asked about that shortly after
>the flush command was added and Pavel (?) said it wouldn't work.  Although
>I wasn't paying real close attention to MOO-Cows back then and I could
>be wrong.

you know, you can use ;flush_input(whoever)... maybe something in
$do_command() as was suggested that checks how many commands have been typed
by a particular user...

Home | Subject Index | Thread Index