MOO-cows Mailing List Archive


Re: [SERVER, SECURITY] bug in set_task_perms() ?

>Some time ago, Rui pointed out that the current definition of
>set_task_perms() may lead to a security hole.
>The problem is that wizperms can set_task_perms() to an invalid object.
>Some verbs rely on testing whether valid(caller_perms()), as a general test
>for 'am I being called from command line, or from another verb?', just
>because this is cheaper than using callers(). But setting task perms to an
>invalid may fool this.
>I suggest that bf_set_task_perms be modified to return E_INVARG if the
>wizard attempts to set_task_perms() to an invalid object. The modification
>is very simple. In execute.c, modify:

How is this a security hole, I may be missing the point but if a programmer 
could do this then I would agree. But, a wizard may need to do it, I did and 
why would it be wrong to have it as a possible wizards tool? They can do 
practically anything anyway.


Home | Subject Index | Thread Index