From 30c4aa55e6f18d153f164529a3435e44754c5352 Mon Sep 17 00:00:00 2001
From: Adam Frisby
Date: Tue, 18 Aug 2009 00:58:42 +1000
Subject: Added additional configuration options for MRM Security. See OpenSim.ini.example under the [MRM] section.
---
.../Scripting/Minimodule/MRMModule.cs | 30 ++++++++++++++++------
bin/OpenSim.ini.example | 22 ++++++++++++++--
2 files changed, 42 insertions(+), 10 deletions(-)
diff --git a/OpenSim/Region/OptionalModules/Scripting/Minimodule/MRMModule.cs b/OpenSim/Region/OptionalModules/Scripting/Minimodule/MRMModule.cs
index 9042e0d..bf523dd 100644
--- a/OpenSim/Region/OptionalModules/Scripting/Minimodule/MRMModule.cs
+++ b/OpenSim/Region/OptionalModules/Scripting/Minimodule/MRMModule.cs
@@ -211,25 +211,39 @@ namespace OpenSim.Region.OptionalModules.Scripting.Minimodule { if (script.StartsWith("//MRM:C#")) { - if (m_scene.GetSceneObjectPart(localID).OwnerID != m_scene.RegionInfo.MasterAvatarAssignedUUID - || - m_scene.GetSceneObjectPart(localID).CreatorID != m_scene.RegionInfo.MasterAvatarAssignedUUID) - return; + if (m_config.GetBoolean("OwnerOnly", true)) + if (m_scene.GetSceneObjectPart(localID).OwnerID != m_scene.RegionInfo.MasterAvatarAssignedUUID + || m_scene.GetSceneObjectPart(localID).CreatorID != m_scene.RegionInfo.MasterAvatarAssignedUUID) + return; script = ConvertMRMKeywords(script); try { - m_log.Info("[MRM] Found C# MRM - Starting in AppDomain with " + m_config.GetString("permissionLevel", "Internet") + "-level security."); + AppDomain target; + if (m_config.GetBoolean("Sandboxed", true)) + { + m_log.Info("[MRM] Found C# MRM - Starting in AppDomain with " + + m_config.GetString("SandboxLevel", "Internet") + "-level security."); - string domainName = UUID.Random().ToString(); - AppDomain target = CreateRestrictedDomain(m_config.GetString("permissionLevel", "Internet"), - domainName); + string domainName = UUID.Random().ToString(); + target = CreateRestrictedDomain(m_config.GetString("SandboxLevel", "Internet"), + domainName); + } + else + { + m_log.Info("[MRM] Found C# MRM - Starting in current AppDomain"); + m_log.Warn( + "[MRM] Security Risk: AppDomain is run in current context. Use only in trusted environments."); + target = AppDomain.CurrentDomain; + } + m_log.Info("[MRM] Unwrapping into target AppDomain"); MRMBase mmb = (MRMBase) target.CreateInstanceFromAndUnwrap( CompileFromDotNetText(script, itemID.ToString()), "OpenSim.MiniModule"); + m_log.Info("[MRM] Initialising MRM Globals"); InitializeMRM(mmb, localID, itemID); m_scripts[itemID] = mmb; diff --git a/bin/OpenSim.ini.example b/bin/OpenSim.ini.example index a1532c5..166f2c6 100644 --- a/bin/OpenSim.ini.example +++ b/bin/OpenSim.ini.example 
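Review bot: The two new switches are read independently, so a configuration with `OwnerOnly = false` and `Sandboxed = false` skips the owner/creator comparison and then loads the compiled `//MRM:C#` script into `AppDomain.CurrentDomain`, with only a log warning to show for it. I would keep the ownership check mandatory whenever the sandbox is off, e.g. `bool sandboxed = m_config.GetBoolean("Sandboxed", true);` and `if (!sandboxed || m_config.GetBoolean("OwnerOnly", true))` around the existing comparison, and put braces on the nested `if` so the `return` cannot be detached by a later edit. The sandboxed branch also logs at Info level whatever `SandboxLevel` holds, so a value of `FullTrust` or `Everything` reads in the log as if it were a restriction; a `Warn` for those values would make the effective trust visible. The enclosing method starts and ends outside the hunk.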
@@ -1163,10 +1163,28 @@ [MRM] - ; Enables the Mini Region Modules Script Engine. WARNING: SECURITY RISK. + ; Enables the Mini Region Modules Script Engine. ; default is false Enabled = false - + + ; Runs MRM in a Security Sandbox + ; WARNING: DISABLING IS A SECURITY RISK. + Sandboxed = true + + ; The level sandbox to use, adjust at your OWN RISK. + ; Valid values are: + ; * FullTrust + ; * SkipVerification + ; * Execution + ; * Nothing + ; * LocalIntranet + ; * Internet + ; * Everything + SandboxLevel = "Internet" + + ; Only allow Region Owners to run MRMs + ; May represent a security risk if you disable this. + OwnerOnly = true [Hypergrid] ; Keep it false for now. Making it true requires the use of a special client in order to access inventory -- cgit v1.1
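Review bot: The comment on `Enabled` loses its `WARNING: SECURITY RISK` text, although enabling the engine still means compiling and loading in-world C# (see the MRMModule.cs hunk of this commit); the sandbox narrows that risk rather than removing it, so a warning should stay on `Enabled`. The value list for `SandboxLevel` presents `FullTrust` and `Everything` alongside `Internet` without saying that they leave `Sandboxed = true` with little effective restriction; a short annotation such as `; * FullTrust (unrestricted)` would help operators choose. The code previously read the key `permissionLevel`, so if any deployed ini sets it, that value is now silently ignored and the level falls back to `Internet`; a one-line note about the rename belongs here.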