OpenSim
/
OpenSimMirror
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Change the semantics of the Allow_* os function control. Omitting a function 

causes defautlt behavior. "true" now means usable unconditionally, "false"
means disabled, and a list of UUIDs restricts it.
This changes SECURITY! If you used "true" here before, you shoudl review
your setup!
0.6.1-post-fixes
Melanie Thielker 2008-11-17 04:23:03 +00:00
parent 840ef17b8d
commit 928d003bf5
2 changed files with 37 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

54
OpenSim/Region/ScriptEngine/Shared/Api/Implementation/OSSL_Api.cs
View File

@ -187,30 +187,41 @@ namespace OpenSim.Region.ScriptEngine.Shared.Api
if (!m_FunctionPerms.ContainsKey(function)) if (!m_FunctionPerms.ContainsKey(function))
{ {
string perm = m_ScriptEngine.Config.GetString("Allow_"+function, "true"); string perm = m_ScriptEngine.Config.GetString("Allow_"+function, "");
bool allowed; if (perm == "")
if (bool.TryParse(perm, out allowed))
{ {
// Boolean given m_FunctionPerms[function] = null; // a null value is default
if (allowed)
m_FunctionPerms[function] = null; // a null value is all
else
m_FunctionPerms[function] = new List<UUID>(); // Empty list = none
} }
else else
{ {
m_FunctionPerms[function] = new List<UUID>(); bool allowed;
string[] ids = perm.Split(new char[] {','}); if (bool.TryParse(perm, out allowed))
foreach (string id in ids)
{ {
string current = id.Trim(); // Boolean given
UUID uuid; if (allowed)
if (UUID.TryParse(current, out uuid))
{ {
m_FunctionPerms[function].Add(uuid); m_FunctionPerms[function] = new List<UUID>();
m_FunctionPerms[function].Add(UUID.Zero);
}
else
m_FunctionPerms[function] = new List<UUID>(); // Empty list = none
}
else
{
m_FunctionPerms[function] = new List<UUID>();
string[] ids = perm.Split(new char[] {','});
foreach (string id in ids)
{
string current = id.Trim();
UUID uuid;
if (UUID.TryParse(current, out uuid))
{
if (uuid != uuid.Zero)
m_FunctionPerms[function].Add(uuid);
}
} }
} }
} }
@ -223,6 +234,8 @@ namespace OpenSim.Region.ScriptEngine.Shared.Api
// to use that particular function. False causes an empty // to use that particular function. False causes an empty
// list and therefore means "no one" // list and therefore means "no one"
// //
// To allow use by anyone, the list contains UUID.Zero
//
if (m_FunctionPerms[function] == null) // No list = true if (m_FunctionPerms[function] == null) // No list = true
{ {
if (level > m_MaxThreatLevel) if (level > m_MaxThreatLevel)
@ -230,8 +243,11 @@ namespace OpenSim.Region.ScriptEngine.Shared.Api
} }
else else
{ {
if (!m_FunctionPerms[function].Contains(m_host.OwnerID)) if (!m_FunctionPerms[function].Contains(UUID.Zero))
throw new Exception("Threat level too high - "+function); {
if (!m_FunctionPerms[function].Contains(m_host.OwnerID))
throw new Exception("Threat level too high - "+function);
}
} }
} }

3
bin/OpenSim.ini.example
View File

@ -835,8 +835,9 @@
; OS Functions enable/disable ; OS Functions enable/disable
; For each function, you can add one line, as shown ; For each function, you can add one line, as shown
; The default for all functions allows them if below threat level
; true is the default for all functions, and allows them if below threat level ; true allows the use of the function unconditionally
; Allow_osSetRegionWaterHeight = true ; Allow_osSetRegionWaterHeight = true
; false disables the function completely ; false disables the function completely