Change the semantics of the Allow_* os function control. Omitting a function
causes defautlt behavior. "true" now means usable unconditionally, "false" means disabled, and a list of UUIDs restricts it. This changes SECURITY! If you used "true" here before, you shoudl review your setup!0.6.1-post-fixes
parent
840ef17b8d
commit
928d003bf5
|
@ -187,14 +187,23 @@ namespace OpenSim.Region.ScriptEngine.Shared.Api
|
|||
|
||||
if (!m_FunctionPerms.ContainsKey(function))
|
||||
{
|
||||
string perm = m_ScriptEngine.Config.GetString("Allow_"+function, "true");
|
||||
string perm = m_ScriptEngine.Config.GetString("Allow_"+function, "");
|
||||
if (perm == "")
|
||||
{
|
||||
m_FunctionPerms[function] = null; // a null value is default
|
||||
}
|
||||
else
|
||||
{
|
||||
bool allowed;
|
||||
|
||||
if (bool.TryParse(perm, out allowed))
|
||||
{
|
||||
// Boolean given
|
||||
if (allowed)
|
||||
m_FunctionPerms[function] = null; // a null value is all
|
||||
{
|
||||
m_FunctionPerms[function] = new List<UUID>();
|
||||
m_FunctionPerms[function].Add(UUID.Zero);
|
||||
}
|
||||
else
|
||||
m_FunctionPerms[function] = new List<UUID>(); // Empty list = none
|
||||
}
|
||||
|
@ -210,11 +219,13 @@ namespace OpenSim.Region.ScriptEngine.Shared.Api
|
|||
|
||||
if (UUID.TryParse(current, out uuid))
|
||||
{
|
||||
if (uuid != uuid.Zero)
|
||||
m_FunctionPerms[function].Add(uuid);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// If the list is null, then the value was true / undefined
|
||||
// Threat level governs permissions in this case
|
||||
|
@ -223,17 +234,22 @@ namespace OpenSim.Region.ScriptEngine.Shared.Api
|
|||
// to use that particular function. False causes an empty
|
||||
// list and therefore means "no one"
|
||||
//
|
||||
// To allow use by anyone, the list contains UUID.Zero
|
||||
//
|
||||
if (m_FunctionPerms[function] == null) // No list = true
|
||||
{
|
||||
if (level > m_MaxThreatLevel)
|
||||
throw new Exception("Threat level too high - "+function);
|
||||
}
|
||||
else
|
||||
{
|
||||
if (!m_FunctionPerms[function].Contains(UUID.Zero))
|
||||
{
|
||||
if (!m_FunctionPerms[function].Contains(m_host.OwnerID))
|
||||
throw new Exception("Threat level too high - "+function);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
protected void ScriptSleep(int delay)
|
||||
{
|
||||
|
|
|
@ -835,8 +835,9 @@
|
|||
|
||||
; OS Functions enable/disable
|
||||
; For each function, you can add one line, as shown
|
||||
; The default for all functions allows them if below threat level
|
||||
|
||||
; true is the default for all functions, and allows them if below threat level
|
||||
; true allows the use of the function unconditionally
|
||||
; Allow_osSetRegionWaterHeight = true
|
||||
|
||||
; false disables the function completely
|
||||
|
|
Loading…
Reference in New Issue