[Home] [Groups] - Message: [Prev in Group] [Next in Group]

nu.kanga.list.mud-dev

4895: (fwd) Functional Security

[Full Header] [Plain Text]
From: J C Lawrence <claw@under.engr.sgi.com>
Newsgroups: nu.kanga.list.mud-dev
Date: Thu, 19 Mar 1998 16:15:56 -0800 (PST)
Organization: Kanga.Nu
Worth thinking about:

From: "Scott G. Stewart" <sstewart@or.cadix.com>
Newsgroups: rec.games.mud.lp
Subject: Functional Security
Date: Thu, 19 Mar 1998 14:23:46 -0800

The few LPC security schemes I have looked at seem to emphasize file
system security (the ability to read or write a file).  Is functional
security (the ability to invoke a function in an object) downplayed, or
have I missed something?

When I looked at the Lima code, I saw that the monster "die()" function
had no security....  Does this mean that a "hostile" wizard could create
an object which calls that function on any given target?

I can imagine a Mud where wizards have creation capability,  but compete
against each other, and are therefore bound by certain rules.  In such a
situation, you would not want one wizard to call the functions in
another's object.

-- Scott

--
J C Lawrence                               Internet: claw@null.net
(Contractor)                               Internet: coder@ibm.net
---------(*)                     Internet: claw@under.engr.sgi.com
...Honourary Member of Clan McFud -- Teamer's Avenging Monolith...