[Home] [Groups] - Message: [Prev in Group] [Next in Group]
4910: Re: [MUD-Dev] (fwd) Functional Security
[Full Header] [Plain Text]
From: "Chris Gray" <cg@ami-cg.GraySage.Edmonton.AB.CA>
Newsgroups: nu.kanga.list.mud-dev
Date: Fri, 20 Mar 98 08:15:02 MST
Organization: Kanga.Nu
[Chris L:]
:From: "Scott G. Stewart" <sstewart@or.cadix.com>
:I can imagine a Mud where wizards have creation capability, but compete
:against each other, and are therefore bound by certain rules. In such a
:situation, you would not want one wizard to call the functions in
:another's object.
Part of this is solved by not allowing someone to call a function they
do not have a handle to. You can do this by not making all names public,
and by not letting the system extract a handle from other code that calls
the function. This is a lot harder if your system does all calls virtually,
through stored handles. Then, you need to extend the security system to
individual functions, controlling what security contexts they can be
called from. This opens up lots of issues, but is likely the way that
you have to go. See Chris L's posts from a couple of years ago on this
sort of thing.
--
Chris Gray cg@ami-cg.GraySage.Edmonton.AB.CA