Gitiles
Code Review Sign In
gerrit.morgengrauen.info / mudlib-public / 7ea4a03dfec8fd917fa08d5e21c0519a02a8e7a2 / . / doc / master / privilege_violation
blob: 291866393bb6769fe2eac898ca835d9aa1b3bcb8 [file] [log] [blame]
MG Mud User88f12472016-06-24 23:31:02 +0200[diff] [blame]1SYNOPSIS
Zesstra7ea4a032019-11-26 20:11:40 +0100[diff] [blame^]2 int privilege_violation(string op, mixed who, mixed arg, mixed arg2, mixed arg3)
MG Mud User88f12472016-06-24 23:31:02 +0200[diff] [blame]3
4DESCRIPTION
Zesstra7ea4a032019-11-26 20:11:40 +0100[diff] [blame^]5 Validate the execution of a privileged operation.
6 op denotes the requested operation, who is the object
7 requesting the operation (file_name or object pointer), <arg>
8 and <arg2> are additional arguments, depending on the operation.
MG Mud User88f12472016-06-24 23:31:02 +0200[diff] [blame]9
Zesstra7ea4a032019-11-26 20:11:40 +0100[diff] [blame^]10 The function should return >0 to grant the privilege, 0 to
11 indicate that the caller was probably misled and the error
12 might be fixed, and anything else to indicate a real
13 violation that will be handled as run time error.
MG Mud User88f12472016-06-24 23:31:02 +0200[diff] [blame]14
Zesstra7ea4a032019-11-26 20:11:40 +0100[diff] [blame^]15 The privileged operations are:
16 attach_erq_demon : Attach the erq demon to object <arg> with
17 flag <arg2>.
18 bind_lambda : Bind a lambda-closure to object <arg>.
19 call_out_info : Return an array with all call_out
20 informations.
21 configure_interactive : Set option <arg2> with value <arg3> as
22 default (<arg>==0) or for object <arg>.
23 configure_object : Set option <arg2> with value <arg3> for
24 object <arg>.
25 configure_driver : Set option <arg1> to value(s) <arg2>.
26 enable_telnet : Enable/disable telnet (<arg2>) for object
27 <arg>.
28 execute_command : Execute command string <arg2> for the object
29 <arg>.
30 erq : At the request <arg2> is to be sent to the
31 : erq-demon by the object <who>.
32 garbage_collection : Object <who> calls the efun
33 garbage_collection() with <arg> as filename
34 and <arg2> as flag.
35 input_to : Object <who> redirects the next input from
36 commandgiver <arg>, using <arg2> as value
37 for the flags. This is used for flag values
38 including the 'no bang' option.
39 limited : Execute <arg> with reduced/changed limits
40 1<arg2> (as return by query_limits()).
41 mysql : Object <who> attempted to execute mySQL efun
42 <arg>.
43 pgsql : Object <who> attempted to execute Postgres efun
44 <arg>.
45 net_connect : Attempt to open a connection to host <arg>,
46 port <arg2>.
47 nomask simul_efun : Attempt to get an efun <arg> via efun:: when
48 it is shadowed by a nomask type simul_efun.
49 rename_object : The object <who> tries to rename the object
50 <arg> to the name <arg2>.
51 send_udp : Send UDP-data to host <arg>.
52 get_extra_wizinfo : Get the additional wiz-list info for user
53 <arg>.
54 set_extra_wizinfo : Set the additional wiz-list info for user
55 <arg>.
56 set_extra_wizinfo_size : Set the size of the additional user
57 info in the wiz-list to <arg>.
58 set_driver_hook : Set hook <arg> to <arg2>.
59 set_limits : Set limits to <arg> (as returned by
60 query_limits()).
61 set_max_commands : Set the max. number of commands interactive
62 object <arg> can issue per second to <arg2>.
63 set_this_object : Set this_object() to <arg>.
64 shadow_add_action : Add an action to function <arg2> of object
65 <arg> from the shadow <who> which is shadowing
66 <arg>.
67 shutdown : Object <who> calls the efun shutdown with <arg>
68 as argument.
69 sqlite_pragma : Execute pragma statement in SQLite.
70 symbol_variable : Attempt to make a symbol from a hidden
71 inherited variable. <arg> is the object in
72 question, <arg2> the number of the variable in
73 the variable table.
74 variable_list : An attempt to return the variable values of
75 object <arg> is made from a different object
76 <who>.
77 wizlist_info : Return an array with all wiz-list
78 information.
MG Mud User88f12472016-06-24 23:31:02 +0200[diff] [blame]79
Zesstra7ea4a032019-11-26 20:11:40 +0100[diff] [blame^]80 call_out_info() can return the arguments to functions and
81 lambda closures to be called by call_out(); you should
82 consider that read access to closures, mappings and arrays
83 means write access and/or other privileges.
84 wizlist_info() will return an array which holds, among others,
85 the extra wizlist field. While a toplevel array, if found,
86 will be copied, this does not apply to nested arrays or to any
87 mappings. You might also have some sensitive closures there.
88 send_udp() should be watched as it could be abused.
89 The xxx_extra_wizinfo operations are necessary for a proper
90 wizlist and should therefore be restricted to admins.
91 All other operations are potential sources for direct security
92 breaches - any use of them should be scrutinized closely.
MG Mud User88f12472016-06-24 23:31:02 +0200[diff] [blame]93
Zesstra7ea4a032019-11-26 20:11:40 +0100[diff] [blame^]94HISTORY
95 LDMud 3.2.10 added the "enable_telnet", "net_connect",
96 "set_max_commands" and "variable_list" violations.
97 LDMud 3.3.563 added the passing of the limits to the "limited"
98 and "set_limits".
99 LDMud 3.2.11/3.3.640 added the "mysql" violation.
100 LDMud 3.3.717 added the "sqlite_pragma" violation.
101
102SEE ALSO
103 net_connect(E), send_erq(E), set_this_object(E), rename_object(E),
104 simul_efun(C), call_out_info(E), shadow(E), add_action(E),
105 bind_lambda(E), send_udp(E), input_to(E), execute_command(E),
106 variable_list(E), enable_telnet(E), mysql(C)