Fix a few permissions vulnerabilities. Owners could cause permissions
escalation on items contained in prims using a hacked viewer
0.7-release
parent
d93a442483
commit
df55e5295f
|
@ -1339,16 +1339,45 @@ namespace OpenSim.Region.Framework.Scenes
|
||||||
{
|
{
|
||||||
agentTransactions.HandleTaskItemUpdateFromTransaction(
|
agentTransactions.HandleTaskItemUpdateFromTransaction(
|
||||||
remoteClient, part, transactionID, currentItem);
|
remoteClient, part, transactionID, currentItem);
|
||||||
}
|
|
||||||
if (part.Inventory.UpdateInventoryItem(itemInfo))
|
|
||||||
{
|
|
||||||
if ((InventoryType)itemInfo.InvType == InventoryType.Notecard)
|
if ((InventoryType)itemInfo.InvType == InventoryType.Notecard)
|
||||||
remoteClient.SendAgentAlertMessage("Notecard saved", false);
|
remoteClient.SendAgentAlertMessage("Notecard saved", false);
|
||||||
else if ((InventoryType)itemInfo.InvType == InventoryType.LSL)
|
else if ((InventoryType)itemInfo.InvType == InventoryType.LSL)
|
||||||
remoteClient.SendAgentAlertMessage("Script saved", false);
|
remoteClient.SendAgentAlertMessage("Script saved", false);
|
||||||
else
|
else
|
||||||
remoteClient.SendAgentAlertMessage("Item saved", false);
|
remoteClient.SendAgentAlertMessage("Item saved", false);
|
||||||
|
}
|
||||||
|
|
||||||
|
// Check if we're allowed to mess with permissions
|
||||||
|
if (!Permissions.IsGod(remoteClient.AgentId)) // Not a god
|
||||||
|
{
|
||||||
|
if (remoteClient.AgentId != part.OwnerID) // Not owner
|
||||||
|
{
|
||||||
|
// Friends and group members can't change any perms
|
||||||
|
itemInfo.BasePermissions = currentItem.BasePermissions;
|
||||||
|
itemInfo.EveryonePermissions = currentItem.EveryonePermissions;
|
||||||
|
itemInfo.GroupPermissions = currentItem.GroupPermissions;
|
||||||
|
itemInfo.NextPermissions = currentItem.NextPermissions;
|
||||||
|
itemInfo.CurrentPermissions = currentItem.CurrentPermissions;
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
// Owner can't change base, and can change other
|
||||||
|
// only up to base
|
||||||
|
// Base ALWAYS has move
|
||||||
|
currentItem.BasePermissions |= (uint)PermissionMask.Move;
|
||||||
|
itemInfo.BasePermissions = currentItem.BasePermissions;
|
||||||
|
itemInfo.EveryonePermissions &= currentItem.BasePermissions;
|
||||||
|
itemInfo.GroupPermissions &= currentItem.BasePermissions;
|
||||||
|
itemInfo.CurrentPermissions &= currentItem.BasePermissions;
|
||||||
|
itemInfo.NextPermissions &= currentItem.BasePermissions;
|
||||||
|
// Next ALWAYS has move
|
||||||
|
itemInfo.NextPermissions |= (uint)PermissionMask.Move;
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
|
if (part.Inventory.UpdateInventoryItem(itemInfo))
|
||||||
|
{
|
||||||
part.GetProperties(remoteClient);
|
part.GetProperties(remoteClient);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
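Review bot: In the owner branch, `currentItem.BasePermissions |= (uint)PermissionMask.Move;` writes to the existing item instead of the client-supplied `itemInfo`, so the permission check itself changes state before `UpdateInventoryItem` runs, and does so even if that call returns false. Assuming `currentItem` is the live inventory entry (its lookup is outside the hunk), compute the mask in a local instead, `uint baseMask = currentItem.BasePermissions | (uint)PermissionMask.Move;`, and use `baseMask` for the `BasePermissions` assignment and the four `&=` lines. The "saved" alerts have also moved into the transaction block ahead of the update, so they are now sent whether or not `UpdateInventoryItem` succeeds. The enclosing method starts and ends outside the hunk.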
|
@ -4137,6 +4137,13 @@ namespace OpenSim.Region.Framework.Scenes
|
||||||
case 16:
|
case 16:
|
||||||
_nextOwnerMask = ApplyMask(_nextOwnerMask, set, mask) &
|
_nextOwnerMask = ApplyMask(_nextOwnerMask, set, mask) &
|
||||||
baseMask;
|
baseMask;
|
||||||
|
// Prevent the client from creating no mod, no copy
|
||||||
|
// objects
|
||||||
|
if ((_nextOwnerMask & (uint)PermissionMask.Copy) == 0)
|
||||||
|
_nextOwnerMask |= (uint)PermissionMask.Transfer;
|
||||||
|
|
||||||
|
_nextOwnerMask |= (uint)PermissionMask.Move;
|
||||||
|
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
SendFullUpdateToAllClients();
|
SendFullUpdateToAllClients();
|
||||||
|
|
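Review bot: The Transfer and Move bits are OR-ed into `_nextOwnerMask` after the `& baseMask` clamp on the line above, so the next-owner mask can end up holding bits that the base mask does not grant. If that is the intended invariant (every object stays movable and is either copyable or transferable), state it in the comment; otherwise the forced bits need to be reconciled with `baseMask`. The existing comment says "no mod, no copy" while the test is on Copy and the bit being set is Transfer, so it should read something like `// A no-copy object must stay transferable: force Transfer when Copy is absent`. The enclosing switch and method continue outside the hunk.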
|
@ -600,12 +600,12 @@ namespace OpenSim.Region.Framework.Scenes
|
||||||
item.GroupID = m_part.GroupID;
|
item.GroupID = m_part.GroupID;
|
||||||
|
|
||||||
if (item.AssetID == UUID.Zero)
|
if (item.AssetID == UUID.Zero)
|
||||||
item.AssetID = it.AssetID;
|
|
||||||
|
|
||||||
lock (m_items)
|
|
||||||
{
|
{
|
||||||
m_items[item.ItemID] = item;
|
item.AssetID = m_items[item.ItemID].AssetID;
|
||||||
m_inventorySerial++;
|
}
|
||||||
|
else if ((InventoryType)item.Type == InventoryType.Notecard)
|
||||||
|
{
|
||||||
|
ScenePresence presence = m_part.ParentGroup.Scene.GetScenePresence(item.OwnerID);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (fireScriptEvents)
|
if (fireScriptEvents)
|
||||||
|
|
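Review bot: The new `item.AssetID = m_items[item.ItemID].AssetID;` reads `m_items` with no `lock (m_items)` visible in the hunk, whereas the old side took that lock around its access, and the indexer throws if the key is missing unless that is checked earlier, outside the hunk. Wrapping the read as `lock (m_items) { item.AssetID = m_items[item.ItemID].AssetID; }`, or using `TryGetValue` under the lock, would keep the old guarantee. As rendered, the new side also no longer shows `m_items[item.ItemID] = item;` and `m_inventorySerial++;`, so confirm that the store still happens elsewhere in the method; otherwise the permissions clamped by the caller are never persisted. `presence` is assigned in the Notecard branch but not used in the visible lines, and any use of it should allow for a null result when the owner is not present in the scene.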