Update Doku aus Driversourcen
Change-Id: I455f0813b970151089b3dc1b8d9407eea323cdd1
diff --git a/doc/master/privilege_violation b/doc/master/privilege_violation
index 957a4b9..2918663 100644
--- a/doc/master/privilege_violation
+++ b/doc/master/privilege_violation
@@ -1,63 +1,106 @@
SYNOPSIS
- int privilege_violation(string op, mixed who, mixed arg3, mixed arg4)
+ int privilege_violation(string op, mixed who, mixed arg, mixed arg2, mixed arg3)
DESCRIPTION
- Validate the execution of a privileged operation.
- op denotes the requested operation, who is the object
- requesting the operation (object_name or object pointer), arg3
- and arg4 are additional arguments, depending on the operation.
+ Validate the execution of a privileged operation.
+ op denotes the requested operation, who is the object
+ requesting the operation (file_name or object pointer), <arg>
+ and <arg2> are additional arguments, depending on the operation.
- The function should return >0 to grant the privilege, 0 to
- indicate that the caller was probably misleaded and the error
- might be fixed, and anything else to indicate a real
- violation, that will be handled as run time error.
+ The function should return >0 to grant the privilege, 0 to
+ indicate that the caller was probably misled and the error
+ might be fixed, and anything else to indicate a real
+ violation that will be handled as run time error.
- The privileged operations are:
- attach_erq_demon Attach the erq demon to object <arg> with
- flag <args>.
- bind_lambda Bind a lambda-closure to object arg3.
- call_out_info Return an array with all call_out
- informations.
- nomask simul_efun Attempt to get an efun <arg> via efun:: when
- it is shadowed by a nomask type simul_efun.
- rename_object The object who tries to rename the object
- arg3 to the name arg4.
- send_udp Send UDP-data to host arg3.
- set_auto_include_string Set the string automatically included
- by the compiler into every object.
- get_extra_wizinfo Get the additional wiz-list info for user
- arg3.
- set_extra_wizinfo Set the additional wiz-list info for user
- arg3.
- set_extra_wizinfo_size Set the size of the additional user
- info in the wiz-list to arg3.
- set_driver_hook : Set hook <arg> to <arg2>.
- set_this_object Set this_object() to arg3.
- shadow_add_action Add an action to function arg4 that is
- shadowed by the object arg3.
- symbol_variable Attempt to make a symbol from a hidden
- inherited variable. arg3 is the object in
- question, arg4 the number of the variable in
- the variable table.
- wizlist_info Return an array with all wiz-list
- information.
+ The privileged operations are:
+ attach_erq_demon : Attach the erq demon to object <arg> with
+ flag <arg2>.
+ bind_lambda : Bind a lambda-closure to object <arg>.
+ call_out_info : Return an array with all call_out
+ informations.
+ configure_interactive : Set option <arg2> with value <arg3> as
+ default (<arg>==0) or for object <arg>.
+ configure_object : Set option <arg2> with value <arg3> for
+ object <arg>.
+ configure_driver : Set option <arg1> to value(s) <arg2>.
+ enable_telnet : Enable/disable telnet (<arg2>) for object
+ <arg>.
+ execute_command : Execute command string <arg2> for the object
+ <arg>.
+ erq : At the request <arg2> is to be sent to the
+ : erq-demon by the object <who>.
+ garbage_collection : Object <who> calls the efun
+ garbage_collection() with <arg> as filename
+ and <arg2> as flag.
+ input_to : Object <who> redirects the next input from
+ commandgiver <arg>, using <arg2> as value
+ for the flags. This is used for flag values
+ including the 'no bang' option.
+ limited : Execute <arg> with reduced/changed limits
+ 1<arg2> (as return by query_limits()).
+ mysql : Object <who> attempted to execute mySQL efun
+ <arg>.
+ pgsql : Object <who> attempted to execute Postgres efun
+ <arg>.
+ net_connect : Attempt to open a connection to host <arg>,
+ port <arg2>.
+ nomask simul_efun : Attempt to get an efun <arg> via efun:: when
+ it is shadowed by a nomask type simul_efun.
+ rename_object : The object <who> tries to rename the object
+ <arg> to the name <arg2>.
+ send_udp : Send UDP-data to host <arg>.
+ get_extra_wizinfo : Get the additional wiz-list info for user
+ <arg>.
+ set_extra_wizinfo : Set the additional wiz-list info for user
+ <arg>.
+ set_extra_wizinfo_size : Set the size of the additional user
+ info in the wiz-list to <arg>.
+ set_driver_hook : Set hook <arg> to <arg2>.
+ set_limits : Set limits to <arg> (as returned by
+ query_limits()).
+ set_max_commands : Set the max. number of commands interactive
+ object <arg> can issue per second to <arg2>.
+ set_this_object : Set this_object() to <arg>.
+ shadow_add_action : Add an action to function <arg2> of object
+ <arg> from the shadow <who> which is shadowing
+ <arg>.
+ shutdown : Object <who> calls the efun shutdown with <arg>
+ as argument.
+ sqlite_pragma : Execute pragma statement in SQLite.
+ symbol_variable : Attempt to make a symbol from a hidden
+ inherited variable. <arg> is the object in
+ question, <arg2> the number of the variable in
+ the variable table.
+ variable_list : An attempt to return the variable values of
+ object <arg> is made from a different object
+ <who>.
+ wizlist_info : Return an array with all wiz-list
+ information.
- call_out_info() can return the arguments to functions and
- lambda closures to be called by call_out(); you should
- consider that read access to closures, mappings and arrays
- means write access and/or other privileges.
- wizlist_info() will return an array which holds, among others,
- the extra wizlist field. While a toplevel array, if found,
- will be copied, this does not apply to nested arrays or to any
- mappings. You might also have some sensitive closures there.
- send_udp() should be watched as it could be abused to mess up
- the IMP.
- The xxx_extra_wizinfo operations are necessary for a proper
- wizlist and should therefore be restricted to admins.
- All other operations are potential sources for direct security
- breaches - any use of them should be scrutinized closely.
+ call_out_info() can return the arguments to functions and
+ lambda closures to be called by call_out(); you should
+ consider that read access to closures, mappings and arrays
+ means write access and/or other privileges.
+ wizlist_info() will return an array which holds, among others,
+ the extra wizlist field. While a toplevel array, if found,
+ will be copied, this does not apply to nested arrays or to any
+ mappings. You might also have some sensitive closures there.
+ send_udp() should be watched as it could be abused.
+ The xxx_extra_wizinfo operations are necessary for a proper
+ wizlist and should therefore be restricted to admins.
+ All other operations are potential sources for direct security
+ breaches - any use of them should be scrutinized closely.
-SEE ALSO
- simul_efun(C), call_out_info(E), shadow(E), add_action(E),
- wizlist(E), set_this_object(E), rename_object(E),
- bind_lambda(E), send_udp(E), set_auto_include_string(E)
+HISTORY
+ LDMud 3.2.10 added the "enable_telnet", "net_connect",
+ "set_max_commands" and "variable_list" violations.
+ LDMud 3.3.563 added the passing of the limits to the "limited"
+ and "set_limits".
+ LDMud 3.2.11/3.3.640 added the "mysql" violation.
+ LDMud 3.3.717 added the "sqlite_pragma" violation.
+
+SEE ALSO
+ net_connect(E), send_erq(E), set_this_object(E), rename_object(E),
+ simul_efun(C), call_out_info(E), shadow(E), add_action(E),
+ bind_lambda(E), send_udp(E), input_to(E), execute_command(E),
+ variable_list(E), enable_telnet(E), mysql(C)