| SYNOPSIS |
| int privilege_violation(string op, mixed who, mixed arg3, mixed arg4) |
| |
| DESCRIPTION |
| Validate the execution of a privileged operation. |
| op denotes the requested operation, who is the object |
| requesting the operation (object_name or object pointer), arg3 |
| and arg4 are additional arguments, depending on the operation. |
| |
| The function should return >0 to grant the privilege, 0 to |
| indicate that the caller was probably misleaded and the error |
| might be fixed, and anything else to indicate a real |
| violation, that will be handled as run time error. |
| |
| The privileged operations are: |
| attach_erq_demon Attach the erq demon to object <arg> with |
| flag <args>. |
| bind_lambda Bind a lambda-closure to object arg3. |
| call_out_info Return an array with all call_out |
| informations. |
| nomask simul_efun Attempt to get an efun <arg> via efun:: when |
| it is shadowed by a nomask type simul_efun. |
| rename_object The object who tries to rename the object |
| arg3 to the name arg4. |
| send_udp Send UDP-data to host arg3. |
| set_auto_include_string Set the string automatically included |
| by the compiler into every object. |
| get_extra_wizinfo Get the additional wiz-list info for user |
| arg3. |
| set_extra_wizinfo Set the additional wiz-list info for user |
| arg3. |
| set_extra_wizinfo_size Set the size of the additional user |
| info in the wiz-list to arg3. |
| set_driver_hook : Set hook <arg> to <arg2>. |
| set_this_object Set this_object() to arg3. |
| shadow_add_action Add an action to function arg4 that is |
| shadowed by the object arg3. |
| symbol_variable Attempt to make a symbol from a hidden |
| inherited variable. arg3 is the object in |
| question, arg4 the number of the variable in |
| the variable table. |
| wizlist_info Return an array with all wiz-list |
| information. |
| |
| call_out_info() can return the arguments to functions and |
| lambda closures to be called by call_out(); you should |
| consider that read access to closures, mappings and arrays |
| means write access and/or other privileges. |
| wizlist_info() will return an array which holds, among others, |
| the extra wizlist field. While a toplevel array, if found, |
| will be copied, this does not apply to nested arrays or to any |
| mappings. You might also have some sensitive closures there. |
| send_udp() should be watched as it could be abused to mess up |
| the IMP. |
| The xxx_extra_wizinfo operations are necessary for a proper |
| wizlist and should therefore be restricted to admins. |
| All other operations are potential sources for direct security |
| breaches - any use of them should be scrutinized closely. |
| |
| SEE ALSO |
| simul_efun(C), call_out_info(E), shadow(E), add_action(E), |
| wizlist(E), set_this_object(E), rename_object(E), |
| bind_lambda(E), send_udp(E), set_auto_include_string(E) |