diff options
author | Melanie Thielker | 2010-07-15 20:03:08 +0200 |
---|---|---|
committer | Melanie | 2010-07-20 21:00:56 +0100 |
commit | 78605baab330f850f1b47d205b4041d59080a00c (patch) | |
tree | cb6c0d2b836260cd568b45c5bdc4dca203c080a7 /OpenSim/Region/Framework/Scenes | |
parent | adjust DialogModule to only send broadcast alerts to root agents (diff) | |
download | opensim-SC_OLD-78605baab330f850f1b47d205b4041d59080a00c.zip opensim-SC_OLD-78605baab330f850f1b47d205b4041d59080a00c.tar.gz opensim-SC_OLD-78605baab330f850f1b47d205b4041d59080a00c.tar.bz2 opensim-SC_OLD-78605baab330f850f1b47d205b4041d59080a00c.tar.xz |
Fix a few permissions vulnerability. Owners could cause permissions
escalation on items contained in prims using a hacked viewer
Diffstat (limited to 'OpenSim/Region/Framework/Scenes')
-rw-r--r-- | OpenSim/Region/Framework/Scenes/Scene.Inventory.cs | 35 | ||||
-rw-r--r-- | OpenSim/Region/Framework/Scenes/SceneObjectPart.cs | 3 | ||||
-rw-r--r-- | OpenSim/Region/Framework/Scenes/SceneObjectPartInventory.cs | 10 |
3 files changed, 40 insertions, 8 deletions
diff --git a/OpenSim/Region/Framework/Scenes/Scene.Inventory.cs b/OpenSim/Region/Framework/Scenes/Scene.Inventory.cs index 6e73fe9..1bb7075 100644 --- a/OpenSim/Region/Framework/Scenes/Scene.Inventory.cs +++ b/OpenSim/Region/Framework/Scenes/Scene.Inventory.cs | |||
@@ -1340,16 +1340,45 @@ namespace OpenSim.Region.Framework.Scenes | |||
1340 | { | 1340 | { |
1341 | agentTransactions.HandleTaskItemUpdateFromTransaction( | 1341 | agentTransactions.HandleTaskItemUpdateFromTransaction( |
1342 | remoteClient, part, transactionID, currentItem); | 1342 | remoteClient, part, transactionID, currentItem); |
1343 | } | 1343 | |
1344 | if (part.Inventory.UpdateInventoryItem(itemInfo)) | ||
1345 | { | ||
1346 | if ((InventoryType)itemInfo.InvType == InventoryType.Notecard) | 1344 | if ((InventoryType)itemInfo.InvType == InventoryType.Notecard) |
1347 | remoteClient.SendAgentAlertMessage("Notecard saved", false); | 1345 | remoteClient.SendAgentAlertMessage("Notecard saved", false); |
1348 | else if ((InventoryType)itemInfo.InvType == InventoryType.LSL) | 1346 | else if ((InventoryType)itemInfo.InvType == InventoryType.LSL) |
1349 | remoteClient.SendAgentAlertMessage("Script saved", false); | 1347 | remoteClient.SendAgentAlertMessage("Script saved", false); |
1350 | else | 1348 | else |
1351 | remoteClient.SendAgentAlertMessage("Item saved", false); | 1349 | remoteClient.SendAgentAlertMessage("Item saved", false); |
1350 | } | ||
1352 | 1351 | ||
1352 | // Check if we're allowed to mess with permissions | ||
1353 | if (!Permissions.IsGod(remoteClient.AgentId)) // Not a god | ||
1354 | { | ||
1355 | if (remoteClient.AgentId != part.OwnerID) // Not owner | ||
1356 | { | ||
1357 | // Friends and group members can't change any perms | ||
1358 | itemInfo.BasePermissions = currentItem.BasePermissions; | ||
1359 | itemInfo.EveryonePermissions = currentItem.EveryonePermissions; | ||
1360 | itemInfo.GroupPermissions = currentItem.GroupPermissions; | ||
1361 | itemInfo.NextPermissions = currentItem.NextPermissions; | ||
1362 | itemInfo.CurrentPermissions = currentItem.CurrentPermissions; | ||
1363 | } | ||
1364 | else | ||
1365 | { | ||
1366 | // Owner can't change base, and can change other | ||
1367 | // only up to base | ||
1368 | // Base ALWAYS has move | ||
1369 | currentItem.BasePermissions |= (uint)PermissionMask.Move; | ||
1370 | itemInfo.BasePermissions = currentItem.BasePermissions; | ||
1371 | itemInfo.EveryonePermissions &= currentItem.BasePermissions; | ||
1372 | itemInfo.GroupPermissions &= currentItem.BasePermissions; | ||
1373 | itemInfo.CurrentPermissions &= currentItem.BasePermissions; | ||
1374 | itemInfo.NextPermissions &= currentItem.BasePermissions; | ||
1375 | // Next ALWAYS has move | ||
1376 | itemInfo.NextPermissions |= (uint)PermissionMask.Move; | ||
1377 | } | ||
1378 | |||
1379 | } | ||
1380 | if (part.Inventory.UpdateInventoryItem(itemInfo)) | ||
1381 | { | ||
1353 | part.GetProperties(remoteClient); | 1382 | part.GetProperties(remoteClient); |
1354 | } | 1383 | } |
1355 | } | 1384 | } |
diff --git a/OpenSim/Region/Framework/Scenes/SceneObjectPart.cs b/OpenSim/Region/Framework/Scenes/SceneObjectPart.cs index 13e4b56..e331bb0 100644 --- a/OpenSim/Region/Framework/Scenes/SceneObjectPart.cs +++ b/OpenSim/Region/Framework/Scenes/SceneObjectPart.cs | |||
@@ -4144,6 +4144,9 @@ namespace OpenSim.Region.Framework.Scenes | |||
4144 | // objects | 4144 | // objects |
4145 | if ((_nextOwnerMask & (uint)PermissionMask.Copy) == 0) | 4145 | if ((_nextOwnerMask & (uint)PermissionMask.Copy) == 0) |
4146 | _nextOwnerMask |= (uint)PermissionMask.Transfer; | 4146 | _nextOwnerMask |= (uint)PermissionMask.Transfer; |
4147 | |||
4148 | _nextOwnerMask |= (uint)PermissionMask.Move; | ||
4149 | |||
4147 | break; | 4150 | break; |
4148 | } | 4151 | } |
4149 | SendFullUpdateToAllClients(); | 4152 | SendFullUpdateToAllClients(); |
diff --git a/OpenSim/Region/Framework/Scenes/SceneObjectPartInventory.cs b/OpenSim/Region/Framework/Scenes/SceneObjectPartInventory.cs index 517b387..91d9be3 100644 --- a/OpenSim/Region/Framework/Scenes/SceneObjectPartInventory.cs +++ b/OpenSim/Region/Framework/Scenes/SceneObjectPartInventory.cs | |||
@@ -600,12 +600,12 @@ namespace OpenSim.Region.Framework.Scenes | |||
600 | item.GroupID = m_part.GroupID; | 600 | item.GroupID = m_part.GroupID; |
601 | 601 | ||
602 | if (item.AssetID == UUID.Zero) | 602 | if (item.AssetID == UUID.Zero) |
603 | item.AssetID = it.AssetID; | ||
604 | |||
605 | lock (m_items) | ||
606 | { | 603 | { |
607 | m_items[item.ItemID] = item; | 604 | item.AssetID = m_items[item.ItemID].AssetID; |
608 | m_inventorySerial++; | 605 | } |
606 | else if ((InventoryType)item.Type == InventoryType.Notecard) | ||
607 | { | ||
608 | ScenePresence presence = m_part.ParentGroup.Scene.GetScenePresence(item.OwnerID); | ||
609 | } | 609 | } |
610 | 610 | ||
611 | if (fireScriptEvents) | 611 | if (fireScriptEvents) |