<!-- MHonArc v2.4.4 --> <!--X-Subject: Re: [MUD-Dev] (fwd) Functional Security --> <!--X-From-R13: [vebfyni Evybivp <fvybivpNmrfbv.sre.ue> --> <!--X-Date: Fri, 20 Mar 1998 10:37:31 +0000 --> <!--X-Message-Id: 7elnu51wdc.fsf#zesoi,fer.hr --> <!--X-Content-Type: text/plain --> <!--X-Reference: Pine.LNX.3.96.980320084547.620D-100000#mpc,dyn.ml.org --> <!--X-Head-End--> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> <html> <head> <title>MUD-Dev message, Re: [MUD-Dev] (fwd) Functional Security</title> <!-- meta name="robots" content="noindex,nofollow" --> <link rev="made" href="mailto:silovic#zesoi,fer.hr"> </head> <body background="/backgrounds/paperback.gif" bgcolor="#ffffff" text="#000000" link="#0000FF" alink="#FF0000" vlink="#006000"> <font size="+4" color="#804040"> <strong><em>MUD-Dev<br>mailing list archive</em></strong> </font> <br> [ <a href="../">Other Periods</a> | <a href="../../">Other mailing lists</a> | <a href="/search.php3">Search</a> ] <br clear=all><hr> <!--X-Body-Begin--> <!--X-User-Header--> <!--X-User-Header-End--> <!--X-TopPNI--> Date: [ <a href="msg00784.html">Previous</a> | <a href="msg00786.html">Next</a> ] Thread: [ <a href="msg00780.html">Previous</a> | <a href="msg00849.html">Next</a> ] Index: [ <A HREF="author.html#00785">Author</A> | <A HREF="#00785">Date</A> | <A HREF="thread.html#00785">Thread</A> ] <!--X-TopPNI-End--> <!--X-MsgBody--> <!--X-Subject-Header-Begin--> <H1>Re: [MUD-Dev] (fwd) Functional Security</H1> <HR> <!--X-Subject-Header-End--> <!--X-Head-of-Message--> <UL> <LI><em>To</em>: <A HREF="mailto:mud-dev#null,net">mud-dev#null,net</A></LI> <LI><em>Subject</em>: Re: [MUD-Dev] (fwd) Functional Security</LI> <LI><em>From</em>: Miroslav Silovic <<A HREF="mailto:silovic#zesoi,fer.hr">silovic#zesoi,fer.hr</A>></LI> <LI><em>Date</em>: 20 Mar 1998 11:37:19 +0100</LI> <LI><em>Reply-To</em>: <A HREF="mailto:silovic#srce,hr">silovic#srce,hr</A></LI> </UL> <!--X-Head-of-Message-End--> <!--X-Head-Body-Sep-Begin--> <HR> 
<!--X-Head-Body-Sep-End-->
<!--X-Body-of-Message-->
<PRE>
Matt Chatterley <matt#mpc,dyn.ml.org> writes:

> It does exist in MudOS, but yes, is often downplayed, it seems. I haven't
> gone to any great lengths to change this (the only functions that I have
> really secured are those that interface with the FS and other 'sensitive'
> parts of the game backbone.
>
> One problem with introducing heavy function-security is that unless you
> design it in what appears (to me) a quite cumbersome way, you will cause
> problems when you wish unprivileged objects to interact with each other in
> theoretically sensitive ways.

Actually Cold seems to have solved this problem:

It has the following mechanisms:

1) bind() - binds a primitive function to an object. After that, only
   the methods on the object can invoke the function

2) native methods - a C function can be interfaced with Cold in such a
   way that it appears to be an ordinary method for all practical
   purposes (except that you can't list its source)

3) private/public/protected method flags - these do the same thing as
   in C++ - they limit the objects that can call methods

4) no_override flag - flag a method with this and it can't be
   overridden on the descendants of the object

This is enough for a simple /and/ powerful security mechanism
implemented in the core. Most methods that need protection simply do

        (> .perms(caller(), <permission type>) <);

which calls a no_override root method that performs the actual perm
check and throws an error if necessary ((> <) is the error propagation
operator).

So, layers are like this:

bottom: sensitive functions are bound to relevant objects (dumping,
        shutdown etc. to $sys, networking to the generic connection,
        and so on).

perm checks: methods on the root object that can be invoked with a
        nice syntax from wherever they are needed

ring permission attributes: Cold maintains manager/writer/reader/trusted
        lists for each object. $root.perm method is a clean interface
        to this.

Source for $root.perms is at
<A HREF="http://ice.cold.org/bin/method?target=$root.perms">http://ice.cold.org/bin/method?target=$root.perms</A>

        Miro

--
I refuse to use .sig
</PRE>

<!--X-Body-of-Message-End-->
<!--X-MsgBody-End-->
<!--X-Follow-Ups-->
<HR>
<ul compact><li><strong>Follow-Ups</strong>:
<ul>
<li><strong><A NAME="00849" HREF="msg00849.html">Re: [MUD-Dev] (fwd) Functional Security</A></strong>
<ul compact><li><em>From:</em> J C Lawrence <claw#under,engr.sgi.com></li></ul>
</UL></LI></UL>
<!--X-Follow-Ups-End-->
<!--X-References-->
<UL><LI><STRONG>References</STRONG>:
<UL>
<LI><STRONG><A NAME="00780" HREF="msg00780.html">Re: [MUD-Dev] (fwd) Functional Security</A></STRONG>
<UL><LI><EM>From:</EM> Matt Chatterley <matt#mpc,dyn.ml.org></LI></UL></LI>
</UL></LI></UL>
<!--X-References-End-->
<hr>
</body>
</html>
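
The layering described in the message above (bound primitives, a no_override root permission check that receives caller(), and per-object permission rings), modelled in Python as an added example; it is not Cold code and not part of the original post. `Obj`, `BOUND`, `primitive`, `build_world` and the rule that each ring also admits the rings above it are assumptions made for illustration; the real check is the `$root.perms` source the post links to.

```python
class PermError(Exception): pass

BOUND = {}  # primitive name -> the one object whose methods may invoke it (bind())

def primitive(name, definer):
    if BOUND.get(name) is not definer:
        raise PermError(f"{name}() is bound to another object")
    return f"{name} done"

class Obj:
    def __init__(self, name, parent=None, manager=None):
        self.name, self.parent = name, parent
        self.manager = manager if manager is not None else self
        self.writers, self.trusted = set(), set()
        self.methods = {}  # method name -> (function, no_override flag)

    def add_method(self, name, func, no_override=False):
        anc = self.parent
        while anc is not None:
            if anc.methods.get(name, (None, False))[1]:  # flagged on an ancestor
                raise PermError(f"{name} is no_override on {anc.name}")
            anc = anc.parent
        self.methods[name] = (func, no_override)

    def call(self, name, caller, *args):
        definer = self  # walk up the parent chain to the defining object
        while name not in definer.methods:
            definer = definer.parent
        return definer.methods[name][0](self, definer, caller, *args)

def perms(this, definer, caller, who, kind):  # assumed ring rule, see lead-in
    rings = {"manager": {this.manager},
             "writer": {this.manager} | this.writers,
             "trusted": {this.manager} | this.writers | this.trusted}
    if who not in rings[kind]:
        raise PermError(f"{who.name} lacks {kind} on {this.name}")

def shutdown(this, definer, caller):
    this.call("perms", definer, caller, "manager")  # .perms(caller(), <type>)
    return primitive("shutdown", definer)

def build_world():
    root = Obj("$root")
    admin, mallory = Obj("$admin", root), Obj("$mallory", root)
    sys_ = Obj("$sys", root, manager=admin)
    root.add_method("perms", perms, no_override=True)
    sys_.add_method("shutdown", shutdown)
    BOUND["shutdown"] = sys_
    return root, sys_, admin, mallory
```

An unprivileged object fails at three independent layers here: it cannot pass the ring check on `$sys`, cannot redefine `perms` on itself, and cannot reach the bound primitive from a method of its own.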