[DGD] Re: Net Security

[Jason Cone]

What I think Felix presented was a consideration to take into account when
dealing with the networking package.  My main concern was that there was a
core problem with the existence of the net package within DGD - that DGD
would crash under certain circumstances, for example.  He, however, removed
this concern.  His basic point was that outgoing connections could be opened
by those who have access to the MUD (and have access to code there) for a
malevolent purpose.

It's my opinion that, with the adequate integration of the networking efuns
and auto object, you can protect the functionality enough to limit such
potential uses of sockets to those that *need* the access.  In most cases,
only certain MUDlib objects will need access to the connect() efun.  It's
easy enough to restrict access in that manner.  That doesn't *solve* the
issue, though.  This is quite similar to issues surrounding MUD security in
general - there is *no* perfect system.  You need to sit down and define
what your needs are and what weaknesses are acceptible.

Personally speaking, the ability to have a SMTP server (as Kevin pointed
out) as well as a non-passive FTP server totally justifies the use of the
networking package even in light of the possible things that can happen via
malevolent coders.  As stated above, if you think about the design of your
auto object as it relates to the networking efuns, the risk should be
minimal.

--
  Jason H. Cone
  Dept. Computer Science
  Texas A&M University
  jcone at cs.tamu.edu





List config page:  http://list.imaginary.com/mailman/listinfo/dgd