Patches #9143 and #9144 (Mantis #1723)

Changes the permissions module to make scripts permissive only when intended
Adds security checks to asset transfers to prevent hacked clients fron
requesting script sources.
Adds security checks to llClientView to verify all aspects of ownership
and permissions for inventory based script retrieval.
0.6.0-stable
Melanie Thielker 2008-07-12 06:24:43 +00:00
parent 13399ff439
commit f629fdb88d
3 changed files with 68 additions and 2 deletions

View File

@ -445,6 +445,9 @@ namespace OpenSim.Framework.Communications.Cache
req.NumPackets = CalculateNumPackets(assetInf.Data);
RequestedAssets.Remove(assetInf.FullID);
// If it's a direct request for a script, drop it
// because it's a hacked client
if(req.AssetRequestSource != 2 || assetInf.Type != 10)
AssetRequests.Add(req);
}
}
@ -609,6 +612,10 @@ namespace OpenSim.Framework.Communications.Cache
return;
}
// Scripts cannot be retrieved by direct request
if (transferRequest.TransferInfo.SourceType == 2 && asset.Type == 10)
return;
// The asset is knosn to exist and is in our cache, so add it to the AssetRequests list
AssetRequest req = new AssetRequest();
req.RequestUser = userInfo;

View File

@ -5110,6 +5110,65 @@ namespace OpenSim.Region.ClientStack.LindenUDP
case PacketType.TransferRequest:
//Console.WriteLine("ClientView.ProcessPackets.cs:ProcessInPacket() - Got transfer request");
TransferRequestPacket transfer = (TransferRequestPacket)Pack;
// Validate inventory transfers
// Has to be done here, because AssetCache can't do it
//
if (transfer.TransferInfo.SourceType == 3)
{
LLUUID taskID = null;
LLUUID itemID = null;
LLUUID requestID = null;
taskID = new LLUUID(transfer.TransferInfo.Params, 48);
itemID = new LLUUID(transfer.TransferInfo.Params, 64);
requestID = new LLUUID(transfer.TransferInfo.Params, 80);
if (!(((Scene)m_scene).ExternalChecks.ExternalChecksBypassPermissions()))
{
if(taskID != LLUUID.Zero) // Prim
{
SceneObjectPart part = ((Scene)m_scene).GetSceneObjectPart(taskID);
if(part == null)
break;
if(part.OwnerID != AgentId)
break;
if((part.OwnerMask & (uint)PermissionMask.Modify) == 0)
break;
TaskInventoryItem ti = part.GetInventoryItem(itemID);
if(ti == null)
break;
if(ti.OwnerID != AgentId)
break;
if((ti.OwnerMask & ((uint)PermissionMask.Modify| (uint)PermissionMask.Copy | (uint)PermissionMask.Transfer)) != ((uint)PermissionMask.Modify| (uint)PermissionMask.Copy | (uint)PermissionMask.Transfer))
break;
if(ti.AssetID != requestID)
break;
}
else // Agent
{
CachedUserInfo userInfo = ((Scene)m_scene).CommsManager.UserProfileCacheService.GetUserDetails(AgentId);
if(userInfo == null)
break;
if(userInfo.RootFolder == null)
break;
InventoryItemBase assetRequestItem = userInfo.RootFolder.FindItem(itemID);
if(assetRequestItem == null)
return;
if((assetRequestItem.CurrentPermissions & ((uint)PermissionMask.Modify| (uint)PermissionMask.Copy | (uint)PermissionMask.Transfer)) != ((uint)PermissionMask.Modify| (uint)PermissionMask.Copy | (uint)PermissionMask.Transfer))
break;
if(assetRequestItem.AssetID != requestID)
break;
}
}
}
m_assetCache.AddAssetRequest(this, transfer);
/* RequestAsset = OnRequestAsset;
if (RequestAsset != null)

View File

@ -602,7 +602,7 @@ namespace OpenSim.Region.Environment.Modules.World.Permissions
DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);
if (m_bypassPermissions) return m_bypassPermissionsValue;
return true;
return false;
}
private bool CanEditNotecard(LLUUID notecard, LLUUID objectID, LLUUID user, Scene scene)