[DGD]Melville security note

Stephen Schmidt schmidsj at union.edu
Sun Mar 4 06:09:50 CET 2001 

I have made changes to fix the Melville security bugs noted by
Dworkin in an earlier post. I should note that I haven't tested
these -real- extensively, but I spent a few hours trying them
out and they seem to be working.

Further reports on Melville security would be most welcome.

On Mon, 19 Feb 2001, Felix A. Croes wrote:
>  - The function set_creator() is not nomask.

Now it is.

>  - Arrange for some code to be executed during another player's
>    command (for example, he walks into your room) and you can change
>    the creator of an object you made to that player.
>  - The creator of any object can be reset to "Driver" from a callout.
>  - Call user->set_privileges() from a callout, and the privileges
>    are reset to "login".

All fixed by changing set_creator() and set_privileges()
so that, once they are set at create time, they cannot be
reset unless they are "login". That's a somewhat restrictive
change (I can imagine wanting to change the permissions of
an object, for instance) and I'm sure there are ways to
hack through it by trying to get the original values set
to login at create time, but it's easy to understand, which
is my sina que non for Melville.

>  - valid_read() does not first resolve the path it checks.
>  - valid_write() only resolves the path it checks if called from
>    a function called "log_file".

Now they always do.

These changes require one other change, which is that users
in login no longer have access to /data/system (which they
probably never should have had anyway) and so I have moved
the welcome file, new_player file, and news file to a new
directory, /doc/system. The three files /system/user.c,
/system/player/creation.c, and /system/user/login.c all
need one change ("/data/system" to "/doc/system") to
reflect this.

The changes are small, not more than about ten lines. I will
email a new security.c file to anyone who wants it. At some
near time, I may release a diff between the two. At some not
so near time, I'll release Melville 0.9.1, though I might
do some more hacking before I do that and it might not be
for quite a while.
 
Steve















List config page:  http://list.imaginary.com/mailman/listinfo/dgd

More information about the DGD mailing list