SYNOPSIS int privilege_violation(string op, mixed who, mixed arg3, mixed arg4) DESCRIPTION Validate the execution of a privileged operation. op denotes the requested operation, who is the object requesting the operation (file_name or object pointer), arg3 and arg4 are additional arguments, depending on the operation. The function should return >0 to grant the privilege, 0 to indicate that the caller was probably misleaded and the error might be fixed, and anything else to indicate a real violation, that will be handled as run time error. The privileged operations are: bind_lambda Bind a lambda-closure to object arg3. call_out_info Return an array with all call_out informations. nomask simul_efun Attempt to get an efun via efun:: that is shadowed by a nomask type simul_efun. rename_object The object who tries to rename the object arg3 to the name arg4. send_imp Send UDP-data to host arg3. set_auto_include_string Set the string automatically included by the compiler into every object. get_extra_wizinfo Get the additional wiz-list info for user arg3. set_extra_wizinfo Set the additional wiz-list info for user arg3. set_extra_wizinfo_size Set the size of the additional user info in the wiz-list to arg3. set_this_object Set this_object() to arg3. shadow_add_action Add an action to function arg4 that is shadowed by the object arg3. wizlist_info Return an array with all wiz-list information. call_out_info() can return the arguments to functions and lambda closures to be called by call_out(); you should consider that read access to closures, mappings and arrays means write access and/or other privileges. wizlist_info() will return an array which holds, among others, the extra wizlist field. While a toplevel array, if found, will be copied, this does not apply to nested arrays or to any mappings. You might also have some sensitive closures there. send_imp() should be watched as it could be abused to mess up the IMP. The xxx_extra_wizinfo operations are necessary for a proper wizlist and should therefore be restricted to admins. All other operations are potential sources for direct security breaches - any use of them should be scrutinized closely. SEE ALSO simul_efun(C), call_out_info(E), shadow(E), add_action(E), wizlist(E), set_this_object(E), rename_object(E), bind_lambda(E), send_imp(E), set_auto_include_string(E)