From d5f497478a371107c568844321a4663bccfbf527 Mon Sep 17 00:00:00 2001 From: Tom Date: Sun, 1 Aug 2010 10:21:56 -0700 Subject: Add config option securePermissionsLoading which will stop the region from loading if the specified permissions modules fail to load. --- OpenSim/Region/Application/OpenSimBase.cs | 21 +++++++++++++++++++++ bin/OpenSim.ini.example | 3 +++ 2 files changed, 24 insertions(+) diff --git a/OpenSim/Region/Application/OpenSimBase.cs b/OpenSim/Region/Application/OpenSimBase.cs index 27cb137..9267721 100644 --- a/OpenSim/Region/Application/OpenSimBase.cs +++ b/OpenSim/Region/Application/OpenSimBase.cs @@ -88,6 +88,10 @@ namespace OpenSim protected List m_plugins = new List(); + private List m_permsModules; + + private bool m_securePermissionsLoading = true; + /// /// The config information passed into the OpenSimulator region server. /// @@ -185,6 +189,11 @@ namespace OpenSim CreatePIDFile(pidFile); userStatsURI = startupConfig.GetString("Stats_URI", String.Empty); + + m_securePermissionsLoading = startupConfig.GetBoolean("SecurePermissionsLoading", true); + + string permissionModules = startupConfig.GetString("permissionmodules", "DefaultPermissionsModule"); + m_permsModules = new List(permissionModules.Split(',')); } base.StartupSpecific(); @@ -342,6 +351,18 @@ namespace OpenSim } else m_log.Error("[MODULES]: The new RegionModulesController is missing..."); + if (m_securePermissionsLoading) + { + foreach (string s in m_permsModules) + { + if (!scene.RegionModules.ContainsKey(s)) + { + m_log.Fatal("[MODULES]: Required module " + s + " not found."); + Environment.Exit(0); + } + } + } + scene.SetModuleInterfaces(); // First Step of bootreport sequence if (scene.SnmpService != null) diff --git a/bin/OpenSim.ini.example b/bin/OpenSim.ini.example index 1527334..2c105bd 100644 --- a/bin/OpenSim.ini.example +++ b/bin/OpenSim.ini.example @@ -178,6 +178,9 @@ ;permissionmodules = "DefaultPermissionsModule" + ;If any of the specified permissions modules fail to load, quit? + SecurePermissionsLoading = true + ; If set to false, then, in theory, the server never carries out permission checks (allowing anybody to copy ; any item, etc. This may not yet be implemented uniformally. ; If set to true, then all permissions checks are carried out -- cgit v1.1