MOO-cows Mailing List Archive
Re: MOO Security (was Re: something or other)
Date: Mon, 28 Oct 1996 17:44:37 PST
From: Brack <email@example.com>
Content-Type: text/plain; charset="us-ascii"
At 07:41 AM 10/29/96 PST, John P. Wilson wrote:
>Are there any security breaches that can be exploited by a player without
>a programmer bit? In other words, if I do not allow any programmers, will
>I have any security problems?
yeah sometimes. Like if you put a 'any' verb on $wiz or something, and it
has wizperms, it could be exploited to work on the wizard in question. Like
if somewiz puts a @boot any verb, anyone, even a guest, could type @boot
<wiz#> and boot them. Same thing with @shout in older cores. (@shout #2 is
An easy solution for this is to always check if (player==this) of course...
(for !x verbs)
It's Brack, with the sig for the masses! firstname.lastname@example.org
"This is not a signature." - Me http://www.kaiwan.com/~slayer
*U@#(*EU#*#&$(##))(#*) - secret code PGP key: finger email@example.com
Subject Index |