[DGD] capability based security?
Raymond Jennings
shentino at gmail.com
Mon Mar 7 20:39:08 CET 2016
So it's been said in the past that true security would be based around
capabilities.
So...how would one go about that in a DGD mudlib?
Off the top of my head, I can think of a very basic method.
Something like /obj/cap, that has:
* description of what it can do
* references to any other capabilities or objects this cap's validity
depends on
* code to validate (recursively, if needed) that the capability is still
valid
To revoke the capability, just destruct it and poof, it, any outstanding
handles, and any dependent capabilities, go boom.
And also something like /lwo/caphandle, that contains a single reference to
an /obj/cap, and can be passed around like a handle
Possible uses:
* User authentication
When a user logs in and is authenticated, grant the user object a
capability generated by the account module, and make the capability
revokable at any time if the user disconnects, if the users account is
flagged as compromised...if an admin bans the user...
* wiztool activation
Possibly built on more secure requirements that also depend on the previous
point.
Thoughts?
Obviously, accounting for the capabilities in question would be necessary
to avoid orphaning/garbage issues.
My guess is that the creator of a capability would retain the object
reference internally and use it as a "badge" of sorts to check against any
other capability handles presented to it.
More information about the DGD
mailing list