MOO-cows Mailing List Archive


patchs and add on's

The Raptor inquired in a private message about my reference to
#0:connected_seconds in my previous mail, so I thought I'd respond
with a diatribe on the use of $server_options and #0 verbs.

The idea is, you @prop $server_options.protect_connected_seconds 1,
and then create #0:connected_seconds (well, you do this in the other
order :-) which is a wiz-owned verb that does the appropriate (for
your application) checking of caller, caller_perms(), and any
arguments.  In that verb, you can just call the builtin
connected_seconds (since the verb is wizowned it's not stopped by the
$server_options protection).  You @grep for connected_seconds in all
the moo code everywhere and replace it with the equivalent call to
#0:connected_seconds.  (No there is no automated tool for this.)  If
you want to prevent mere mortals from calling connected_seconds, you
might check first that the core isn't using it from a Hacker owned
verb, and permit caller_perms()==$hacker access.  It might be
necessary to look for odd uses like $object_utils:connected() (but
then you'd be wanting to protect that too.)  You probably need to make
your verb !d and have it check for all the possible errors and return
error objects (e.g. E_INVARG), remembering, of course, that it should
be permissible to call connected_seconds on a !valid player
object---that being what not yet logged in players look like.

You don't have to put the verb on #0.  We've been doing that on
LambdaMOO just sort of as a convention; I think Seth has been arguing
that $connected_seconds() should be shorthand for #0.connected_seconds.

I can't think of any reason that you wouldn't be able to protect
connected_seconds in this fashion, and would be interested to hear
diagnoses of such a problem.

      Judy Anderson yclept yduJ          'yduJ' rhymes with 'fudge' (personal mail) (work-related)
	Join the League for Programming Freedom,

Home | Subject Index | Thread Index