MUD-Dev
mailing list archive

Other Periods  | Other mailing lists  | Search  ]

Date:  [ Previous  | Next  ]      Thread:  [ Previous  | Next  ]      Index:  [ Author  | Date  | Thread  ]

(fwd) Functional Security



Worth thinking about:

From: "Scott G. Stewart" <sstewart#or,cadix.com>
Newsgroups: rec.games.mud.lp
Subject: Functional Security
Date: Thu, 19 Mar 1998 14:23:46 -0800

The few LPC security schemes I have looked at seem to emphasize file
system security (the ability to read or write a file).  Is functional
security (the ability to invoke a function in an object) downplayed, or
have I missed something?

When I looked at the Lima code, I saw that the monster "die()" function
had no security....  Does this mean that a "hostile" wizard could create
an object which calls that function on any given target?

I can imagine a Mud where wizards have creation capability,  but compete
against each other, and are therefore bound by certain rules.  In such a
situation, you would not want one wizard to call the functions in
another's object.

-- Scott

-- 
J C Lawrence                               Internet: claw#null,net
(Contractor)                               Internet: coder#ibm,net
---------(*)                     Internet: claw#under,engr.sgi.com
...Honourary Member of Clan McFud -- Teamer's Avenging Monolith...



Other Periods  | Other mailing lists  | Search  ]