nu.kanga.list.mud-dev

4908: Re: [MUD-Dev] (fwd) Functional Security

Miroslav Silovic <silovic@zesoi.fer.hr> wrote:
> Matt Chatterley <matt@mpc.dyn.ml.org> writes:
>
> > It does exist in MudOS, but yes, is often downplayed, it seems. I haven't
> > gone to any great lengths to change this (the only functions that I have
> > really secured are those that interface with the FS and other 'sensitive'
> > parts of the game backbone.

To be more precise, a security system that provides call_other() safety
exists in the Lima mudlib for MudOS.  It works pretty well, but isn't
perfect (for a criticism, read my recent postings in r.g.m.lp on the
subject).


> > One problem with introducing heavy function-security is that unless you
> > design it in what appears (to me) a quite cumbersome way, you will cause
> > problems when you wish unprivaleged objects to interact with each other in
> > theoretically sensitive ways.
>
> Actually Cold seems to have solved this problem: It has the following
> mechanisms:

<feature list omitted>

LPC has all of these as well.  The afore-mentioned security system
attempts to impose <default> security for code that does not explicitly
make use of any of these features or permission checks.

Felix Croes