diff options
author | Melanie Thielker | 2010-07-15 20:03:08 +0200 |
---|---|---|
committer | Melanie Thielker | 2010-07-15 20:03:08 +0200 |
commit | 8d2b4b7b487f7a35b610d894c03619e638866473 (patch) | |
tree | 305494398ed0cb21962467d05b2279b4ff2fe1a7 /OpenSim/Region/Framework/Scenes | |
parent | Preserve attachment data while a prim is in world. Allows attachment (diff) | |
download | opensim-SC-8d2b4b7b487f7a35b610d894c03619e638866473.zip opensim-SC-8d2b4b7b487f7a35b610d894c03619e638866473.tar.gz opensim-SC-8d2b4b7b487f7a35b610d894c03619e638866473.tar.bz2 opensim-SC-8d2b4b7b487f7a35b610d894c03619e638866473.tar.xz |
Fix a few permissions vulnerability. Owners could cause permissions
escalation on items contained in prims using a hacked viewer
Diffstat (limited to 'OpenSim/Region/Framework/Scenes')
-rw-r--r-- | OpenSim/Region/Framework/Scenes/Scene.Inventory.cs | 35 | ||||
-rw-r--r-- | OpenSim/Region/Framework/Scenes/SceneObjectPart.cs | 3 | ||||
-rw-r--r-- | OpenSim/Region/Framework/Scenes/SceneObjectPartInventory.cs | 6 |
3 files changed, 35 insertions, 9 deletions
diff --git a/OpenSim/Region/Framework/Scenes/Scene.Inventory.cs b/OpenSim/Region/Framework/Scenes/Scene.Inventory.cs index c77efc7..e1674be 100644 --- a/OpenSim/Region/Framework/Scenes/Scene.Inventory.cs +++ b/OpenSim/Region/Framework/Scenes/Scene.Inventory.cs | |||
@@ -1359,16 +1359,45 @@ namespace OpenSim.Region.Framework.Scenes | |||
1359 | { | 1359 | { |
1360 | agentTransactions.HandleTaskItemUpdateFromTransaction( | 1360 | agentTransactions.HandleTaskItemUpdateFromTransaction( |
1361 | remoteClient, part, transactionID, currentItem); | 1361 | remoteClient, part, transactionID, currentItem); |
1362 | } | 1362 | |
1363 | if (part.Inventory.UpdateInventoryItem(itemInfo)) | ||
1364 | { | ||
1365 | if ((InventoryType)itemInfo.InvType == InventoryType.Notecard) | 1363 | if ((InventoryType)itemInfo.InvType == InventoryType.Notecard) |
1366 | remoteClient.SendAgentAlertMessage("Notecard saved", false); | 1364 | remoteClient.SendAgentAlertMessage("Notecard saved", false); |
1367 | else if ((InventoryType)itemInfo.InvType == InventoryType.LSL) | 1365 | else if ((InventoryType)itemInfo.InvType == InventoryType.LSL) |
1368 | remoteClient.SendAgentAlertMessage("Script saved", false); | 1366 | remoteClient.SendAgentAlertMessage("Script saved", false); |
1369 | else | 1367 | else |
1370 | remoteClient.SendAgentAlertMessage("Item saved", false); | 1368 | remoteClient.SendAgentAlertMessage("Item saved", false); |
1369 | } | ||
1371 | 1370 | ||
1371 | // Check if we're allowed to mess with permissions | ||
1372 | if (!Permissions.IsGod(remoteClient.AgentId)) // Not a god | ||
1373 | { | ||
1374 | if (remoteClient.AgentId != part.OwnerID) // Not owner | ||
1375 | { | ||
1376 | // Friends and group members can't change any perms | ||
1377 | itemInfo.BasePermissions = currentItem.BasePermissions; | ||
1378 | itemInfo.EveryonePermissions = currentItem.EveryonePermissions; | ||
1379 | itemInfo.GroupPermissions = currentItem.GroupPermissions; | ||
1380 | itemInfo.NextPermissions = currentItem.NextPermissions; | ||
1381 | itemInfo.CurrentPermissions = currentItem.CurrentPermissions; | ||
1382 | } | ||
1383 | else | ||
1384 | { | ||
1385 | // Owner can't change base, and can change other | ||
1386 | // only up to base | ||
1387 | // Base ALWAYS has move | ||
1388 | currentItem.BasePermissions |= (uint)PermissionMask.Move; | ||
1389 | itemInfo.BasePermissions = currentItem.BasePermissions; | ||
1390 | itemInfo.EveryonePermissions &= currentItem.BasePermissions; | ||
1391 | itemInfo.GroupPermissions &= currentItem.BasePermissions; | ||
1392 | itemInfo.CurrentPermissions &= currentItem.BasePermissions; | ||
1393 | itemInfo.NextPermissions &= currentItem.BasePermissions; | ||
1394 | // Next ALWAYS has move | ||
1395 | itemInfo.NextPermissions |= (uint)PermissionMask.Move; | ||
1396 | } | ||
1397 | |||
1398 | } | ||
1399 | if (part.Inventory.UpdateInventoryItem(itemInfo)) | ||
1400 | { | ||
1372 | part.GetProperties(remoteClient); | 1401 | part.GetProperties(remoteClient); |
1373 | } | 1402 | } |
1374 | } | 1403 | } |
diff --git a/OpenSim/Region/Framework/Scenes/SceneObjectPart.cs b/OpenSim/Region/Framework/Scenes/SceneObjectPart.cs index 87b2d74..b19c443 100644 --- a/OpenSim/Region/Framework/Scenes/SceneObjectPart.cs +++ b/OpenSim/Region/Framework/Scenes/SceneObjectPart.cs | |||
@@ -4156,6 +4156,9 @@ namespace OpenSim.Region.Framework.Scenes | |||
4156 | // objects | 4156 | // objects |
4157 | if ((_nextOwnerMask & (uint)PermissionMask.Copy) == 0) | 4157 | if ((_nextOwnerMask & (uint)PermissionMask.Copy) == 0) |
4158 | _nextOwnerMask |= (uint)PermissionMask.Transfer; | 4158 | _nextOwnerMask |= (uint)PermissionMask.Transfer; |
4159 | |||
4160 | _nextOwnerMask |= (uint)PermissionMask.Move; | ||
4161 | |||
4159 | break; | 4162 | break; |
4160 | } | 4163 | } |
4161 | SendFullUpdateToAllClients(); | 4164 | SendFullUpdateToAllClients(); |
diff --git a/OpenSim/Region/Framework/Scenes/SceneObjectPartInventory.cs b/OpenSim/Region/Framework/Scenes/SceneObjectPartInventory.cs index 0066158..2a3727a 100644 --- a/OpenSim/Region/Framework/Scenes/SceneObjectPartInventory.cs +++ b/OpenSim/Region/Framework/Scenes/SceneObjectPartInventory.cs | |||
@@ -762,12 +762,6 @@ namespace OpenSim.Region.Framework.Scenes | |||
762 | else if ((InventoryType)item.Type == InventoryType.Notecard) | 762 | else if ((InventoryType)item.Type == InventoryType.Notecard) |
763 | { | 763 | { |
764 | ScenePresence presence = m_part.ParentGroup.Scene.GetScenePresence(item.OwnerID); | 764 | ScenePresence presence = m_part.ParentGroup.Scene.GetScenePresence(item.OwnerID); |
765 | |||
766 | if (presence != null) | ||
767 | { | ||
768 | presence.ControllingClient.SendAgentAlertMessage( | ||
769 | "Notecard saved", false); | ||
770 | } | ||
771 | } | 765 | } |
772 | 766 | ||
773 | m_items[item.ItemID] = item; | 767 | m_items[item.ItemID] = item; |