[MUD-Dev] (fwd) Functional Security

Chris Gray cg at ami-cg.GraySage.Edmonton.AB.CA
Fri Mar 20 08:15:02 CET 1998


[Chris L:]

:From: "Scott G. Stewart" <sstewart at or.cadix.com>

:I can imagine a Mud where wizards have creation capability,  but compete
:against each other, and are therefore bound by certain rules.	In such a
:situation, you would not want one wizard to call the functions in
:another's object.

Part of this is solved by not allowing someone to call a function they
do not have a handle to. You can do this by not making all names public,
and by not letting the system extract a handle from other code that calls
the function. This is a lot harder if your system does all calls virtually,
through stored handles. Then, you need to extend the security system to
individual functions, controlling what security contexts they can be
called from. This opens up lots of issues, but is likely the way that
you have to go. See Chris L's posts from a couple of years ago on this
sort of thing.

--
Chris Gray   cg at ami-cg.GraySage.Edmonton.AB.CA




More information about the mud-dev-archive mailing list