[DGD] Making my own function types

Steve Wooster sw_mlists at xprt.net
Mon Sep 27 18:06:49 CEST 2004 

At 07:48 AM 8/25/2004, you wrote:
>Is there any function type that doesn't do anything special?
>I've built a permission system and I want to be able to specify what
>functions that can't be called by all objects, without having to create a
>database of those functions.
>Is there any way to check what type a function is?
>
>Regards,
>Ludvig Lejon

I don't know if this would be acceptable to you, but here's an idea...
You could set it up, so that functions who's names start with _ (or secure_ 
or something else) require some kind of security check. EG, something like:

void myfunc()
{
     code;
}

void _myfunc()
{
     code;
}

int valid_call( string funcname, object caller )
{
     return 1 or 0;
}

"myfunc" could be called without security restrictions, but "_myfunc" would 
need valid_call() to return 1. Of course, maybe instead of having a 
valid_call function in the object, you could put it in the master object or 
a security daemon.

A way to do this might be: When an object is loaded, check through its 
function listing for functions who's names start with _. If an object has 
some, then call call_touch() in the object. When touch() is called in the 
driver, check if the function call starts with _, and if it does, call 
valid_call() in the object (or security daemon or whatever) to see if it's 
allowed. If it's not, then do error("You're not allowed to do that, you 
evil exploit-abuser! Go away! Shoo! Shoo!"). In any case, be sure to do 
call_touch() in the object again.

I figure that's probably more efficient than masking call_other, since 
masking call_other will affect the performance of objects that don't care 
about security (which I presume are the majority). Unfortunately, I'm a 
newbie to DGD, so I don't know if this is the best way to do security. 
Hopefully somebody knowledgeable can back up or shoot down this idea.

-Steve Wooster 

_________________________________________________________________
List config page:  http://list.imaginary.com/mailman/listinfo/dgd

More information about the DGD mailing list