MUD-Dev
mailing list archive

Other Periods  | Other mailing lists  | Search  ]

Date:  [ Previous  | Next  ]      Thread:  [ Previous  | Next  ]      Index:  [ Author  | Date  | Thread  ]

Re: [MUD-Dev] (fwd) Functional Security



Miroslav Silovic <silovic#zesoi,fer.hr> wrote:
> Matt Chatterley <matt#mpc,dyn.ml.org> writes:
>
> > It does exist in MudOS, but yes, is often downplayed, it seems. I haven't
> > gone to any great lengths to change this (the only functions that I have
> > really secured are those that interface with the FS and other 'sensitive'
> > parts of the game backbone.

To be more precise, a security system that provides call_other() safety
exists in the Lima mudlib for MudOS.  It works pretty well, but isn't
perfect (for a criticism, read my recent postings in r.g.m.lp on the
subject).


> > One problem with introducing heavy function-security is that unless you
> > design it in what appears (to me) a quite cumbersome way, you will cause
> > problems when you wish unprivaleged objects to interact with each other in
> > theoretically sensitive ways.
>
> Actually Cold seems to have solved this problem: It has the following
> mechanisms:

<feature list omitted>

LPC has all of these as well.  The afore-mentioned security system
attempts to impose <default> security for code that does not explicitly
make use of any of these features or permission checks.

Felix Croes



Other Periods  | Other mailing lists  | Search  ]