MOO-cows Mailing List Archive

Re: MOO Security (was Re: something or other)

Date: Mon, 28 Oct 1996 17:44:37 PST
From:
Brack <slayer@kaiwan.com>
Content-Type: text/plain; charset="us-ascii"

At 07:41 AM 10/29/96 PST, John P. Wilson wrote:
>
>Are there any security breaches that can be exploited by a player without
>a programmer bit?  In other words, if I do not allow any programmers, will
>I have any security problems?
>
yeah sometimes. Like if you put a 'any' verb on $wiz or something, and it
has wizperms, it could be exploited to work on the wizard in question. Like
if somewiz puts a @boot any verb, anyone, even a guest, could type @boot
<wiz#> and boot them. Same thing with @shout in older cores. (@shout #2 is
stupid)
An easy solution for this is to always check if (player==this) of course...
(for !x verbs)


It's Brack, with the sig for the masses!     slayer@kaiwan.com
"This is not a signature." - Me 	      http://www.kaiwan.com/~slayer
*U@#(*EU#*#&$(##))(#*) - secret code  PGP key: finger slayer@sanar.kaiwan.com

Prev: Re: moo editor discussion
Next: MOO Security (was Re: Threatening of Gothic MOO)
Index: MOO-cows
Thread: MOO-cows

Home | Subject Index | Thread Index