| SYNOPSIS |
| int privilege_violation(string op, mixed who, mixed arg, mixed arg2, mixed arg3) |
| |
| DESCRIPTION |
| Validate the execution of a privileged operation. |
| op denotes the requested operation, who is the object |
| requesting the operation (file_name or object pointer), <arg> |
| and <arg2> are additional arguments, depending on the operation. |
| |
| The function should return >0 to grant the privilege, 0 to |
| indicate that the caller was probably misled and the error |
| might be fixed, and anything else to indicate a real |
| violation that will be handled as run time error. |
| |
| The privileged operations are: |
| attach_erq_demon : Attach the erq demon to object <arg> with |
| flag <arg2>. |
| bind_lambda : Bind a lambda-closure to object <arg>. |
| call_out_info : Return an array with all call_out |
| informations. |
| configure_interactive : Set option <arg2> with value <arg3> as |
| default (<arg>==0) or for object <arg>. |
| configure_object : Set option <arg2> with value <arg3> for |
| object <arg>. |
| configure_driver : Set option <arg1> to value(s) <arg2>. |
| enable_telnet : Enable/disable telnet (<arg2>) for object |
| <arg>. |
| execute_command : Execute command string <arg2> for the object |
| <arg>. |
| erq : At the request <arg2> is to be sent to the |
| : erq-demon by the object <who>. |
| garbage_collection : Object <who> calls the efun |
| garbage_collection() with <arg> as filename |
| and <arg2> as flag. |
| input_to : Object <who> redirects the next input from |
| commandgiver <arg>, using <arg2> as value |
| for the flags. This is used for flag values |
| including the 'no bang' option. |
| limited : Execute <arg> with reduced/changed limits |
| 1<arg2> (as return by query_limits()). |
| mysql : Object <who> attempted to execute mySQL efun |
| <arg>. |
| pgsql : Object <who> attempted to execute Postgres efun |
| <arg>. |
| net_connect : Attempt to open a connection to host <arg>, |
| port <arg2>. |
| nomask simul_efun : Attempt to get an efun <arg> via efun:: when |
| it is shadowed by a nomask type simul_efun. |
| rename_object : The object <who> tries to rename the object |
| <arg> to the name <arg2>. |
| send_udp : Send UDP-data to host <arg>. |
| get_extra_wizinfo : Get the additional wiz-list info for user |
| <arg>. |
| set_extra_wizinfo : Set the additional wiz-list info for user |
| <arg>. |
| set_extra_wizinfo_size : Set the size of the additional user |
| info in the wiz-list to <arg>. |
| set_driver_hook : Set hook <arg> to <arg2>. |
| set_limits : Set limits to <arg> (as returned by |
| query_limits()). |
| set_max_commands : Set the max. number of commands interactive |
| object <arg> can issue per second to <arg2>. |
| set_this_object : Set this_object() to <arg>. |
| shadow_add_action : Add an action to function <arg2> of object |
| <arg> from the shadow <who> which is shadowing |
| <arg>. |
| shutdown : Object <who> calls the efun shutdown with <arg> |
| as argument. |
| sqlite_pragma : Execute pragma statement in SQLite. |
| symbol_variable : Attempt to make a symbol from a hidden |
| inherited variable. <arg> is the object in |
| question, <arg2> the number of the variable in |
| the variable table. |
| variable_list : An attempt to return the variable values of |
| object <arg> is made from a different object |
| <who>. |
| wizlist_info : Return an array with all wiz-list |
| information. |
| |
| call_out_info() can return the arguments to functions and |
| lambda closures to be called by call_out(); you should |
| consider that read access to closures, mappings and arrays |
| means write access and/or other privileges. |
| wizlist_info() will return an array which holds, among others, |
| the extra wizlist field. While a toplevel array, if found, |
| will be copied, this does not apply to nested arrays or to any |
| mappings. You might also have some sensitive closures there. |
| send_udp() should be watched as it could be abused. |
| The xxx_extra_wizinfo operations are necessary for a proper |
| wizlist and should therefore be restricted to admins. |
| All other operations are potential sources for direct security |
| breaches - any use of them should be scrutinized closely. |
| |
| HISTORY |
| LDMud 3.2.10 added the "enable_telnet", "net_connect", |
| "set_max_commands" and "variable_list" violations. |
| LDMud 3.3.563 added the passing of the limits to the "limited" |
| and "set_limits". |
| LDMud 3.2.11/3.3.640 added the "mysql" violation. |
| LDMud 3.3.717 added the "sqlite_pragma" violation. |
| |
| SEE ALSO |
| net_connect(E), send_erq(E), set_this_object(E), rename_object(E), |
| simul_efun(C), call_out_info(E), shadow(E), add_action(E), |
| bind_lambda(E), send_udp(E), input_to(E), execute_command(E), |
| variable_list(E), enable_telnet(E), mysql(C) |