author | Melanie Thielker | 2010-07-15 20:03:08 +0200 |
---|---|---|
committer | Diva Canto | 2010-07-20 14:52:25 -0700 |
commit | df55e5295fe029a9a7d23f71263cbf72c8921884 (patch) | |
tree | c5ea67b534a225b1e1c99f22dac015f51cb19a1d /OpenSim/Region/Framework/Scenes/Scene.Inventory.cs | |
parent | Relaxed the ultra-conservative lock on m_items. Needs testing under linux and... (diff) | |
Fix a few permissions vulnerabilities. Owners could escalate permissions
on items contained in prims by using a hacked viewer
Diffstat (limited to '')
-rw-r--r-- | OpenSim/Region/Framework/Scenes/Scene.Inventory.cs | 35 |
1 files changed, 32 insertions, 3 deletions
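diff --git a/OpenSim/Region/Framework/Scenes/Scene.Inventory.cs b/OpenSim/Region/Framework/Scenes/Scene.Inventory.cs
index 96a9d97..5f41f4b 100644
--- a/OpenSim/Region/Framework/Scenes/Scene.Inventory.cs
+++ b/OpenSim/Region/Framework/Scenes/Scene.Inventory.cs
@@ -1339,16 +1339,45 @@ namespace OpenSim.Region.Framework.Scenes
 {
 agentTransactions.HandleTaskItemUpdateFromTransaction(
 remoteClient, part, transactionID, currentItem);
-}
-if (part.Inventory.UpdateInventoryItem(itemInfo))
-{
+
 if ((InventoryType)itemInfo.InvType == InventoryType.Notecard)
 remoteClient.SendAgentAlertMessage("Notecard saved", false);
 else if ((InventoryType)itemInfo.InvType == InventoryType.LSL)
 remoteClient.SendAgentAlertMessage("Script saved", false);
 else
 remoteClient.SendAgentAlertMessage("Item saved", false);
+}
 
+// Check if we're allowed to mess with permissions
+if (!Permissions.IsGod(remoteClient.AgentId)) // Not a god
+{
+if (remoteClient.AgentId != part.OwnerID) // Not owner
+{
+// Friends and group members can't change any perms
+itemInfo.BasePermissions = currentItem.BasePermissions;
+itemInfo.EveryonePermissions = currentItem.EveryonePermissions;
+itemInfo.GroupPermissions = currentItem.GroupPermissions;
+itemInfo.NextPermissions = currentItem.NextPermissions;
+itemInfo.CurrentPermissions = currentItem.CurrentPermissions;
+}
+else
+{
+// Owner can't change base, and can change other
+// only up to base
+// Base ALWAYS has move
+currentItem.BasePermissions |= (uint)PermissionMask.Move;
+itemInfo.BasePermissions = currentItem.BasePermissions;
+itemInfo.EveryonePermissions &= currentItem.BasePermissions;
+itemInfo.GroupPermissions &= currentItem.BasePermissions;
+itemInfo.CurrentPermissions &= currentItem.BasePermissions;
+itemInfo.NextPermissions &= currentItem.BasePermissions;
+// Next ALWAYS has move
+itemInfo.NextPermissions |= (uint)PermissionMask.Move;
+}
+
+}
+if (part.Inventory.UpdateInventoryItem(itemInfo))
+{
 part.GetProperties(remoteClient);
 }
 }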
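Review bot: The clamp added ahead of `part.Inventory.UpdateInventoryItem(itemInfo)` rewrites only the five permission masks, so every other field of the viewer-supplied `itemInfo` still reaches the update as sent; whether `UpdateInventoryItem` ignores owner, creator, group and flag values is not visible in this hunk and should be confirmed or stated in a comment such as `// itemInfo comes from the viewer: only the permission masks are sanitised here`. The owner test compares `remoteClient.AgentId` with `part.OwnerID` while the masks being limited belong to `currentItem`, which is correct only if an item in a prim always has the prim's owner. The owner branch also writes `currentItem.BasePermissions |= (uint)PermissionMask.Move;` before the update is known to succeed, and the "saved" alerts now appear to be sent before the update and regardless of its result; moving them back under `if (part.Inventory.UpdateInventoryItem(itemInfo))` would keep the message truthful. The enclosing method starts and ends outside the hunk, so the condition guarding the transaction block is assumed rather than seen.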