From f629fdb88d35d1c2f0a3ce97fdd7d9acdc25e11f Mon Sep 17 00:00:00 2001
From: Melanie Thielker
Date: Sat, 12 Jul 2008 06:24:43 +0000
Subject: Patches #9143 and #9144 (Mantis #1723) Changes the permissions module to make scripts permissive only when intended Adds security checks to asset transfers to prevent hacked clients fron requesting script sources. Adds security checks to llClientView to verify all aspects of ownership and permissions for inventory based script retrieval.
---
 .../Region/ClientStack/LindenUDP/LLClientView.cs | 59 ++++++++++++++++++++++
 1 file changed, 59 insertions(+) (limited to 'OpenSim/Region/ClientStack/LindenUDP/LLClientView.cs')
diff --git a/OpenSim/Region/ClientStack/LindenUDP/LLClientView.cs b/OpenSim/Region/ClientStack/LindenUDP/LLClientView.cs
index 8293319..7f95ddd 100644
--- a/OpenSim/Region/ClientStack/LindenUDP/LLClientView.cs
+++ b/OpenSim/Region/ClientStack/LindenUDP/LLClientView.cs
@@ -5110,6 +5110,65 @@ namespace OpenSim.Region.ClientStack.LindenUDP
 case PacketType.TransferRequest:
 //Console.WriteLine("ClientView.ProcessPackets.cs:ProcessInPacket() - Got transfer request");
 TransferRequestPacket transfer = (TransferRequestPacket)Pack;
+ // Validate inventory transfers
+ // Has to be done here, because AssetCache can't do it
+ //
+ if (transfer.TransferInfo.SourceType == 3)
+ {
+ LLUUID taskID = null;
+ LLUUID itemID = null;
+ LLUUID requestID = null;
+ taskID = new LLUUID(transfer.TransferInfo.Params, 48);
+ itemID = new LLUUID(transfer.TransferInfo.Params, 64);
+ requestID = new LLUUID(transfer.TransferInfo.Params, 80);
+ if (!(((Scene)m_scene).ExternalChecks.ExternalChecksBypassPermissions()))
+ {
+ if(taskID != LLUUID.Zero) // Prim
+ {
+ SceneObjectPart part = ((Scene)m_scene).GetSceneObjectPart(taskID);
+ if(part == null)
+ break;
+
+ if(part.OwnerID != AgentId)
+ break;
+
+ if((part.OwnerMask & (uint)PermissionMask.Modify) == 0)
+ break;
+
+ TaskInventoryItem ti = part.GetInventoryItem(itemID);
+ if(ti == null)
+ break;
+
+ if(ti.OwnerID != AgentId)
+ break;
+
+ if((ti.OwnerMask & ((uint)PermissionMask.Modify| (uint)PermissionMask.Copy | (uint)PermissionMask.Transfer)) != ((uint)PermissionMask.Modify| (uint)PermissionMask.Copy | (uint)PermissionMask.Transfer))
+ break;
+
+ if(ti.AssetID != requestID)
+ break;
+ }
+ else // Agent
+ {
+ CachedUserInfo userInfo = ((Scene)m_scene).CommsManager.UserProfileCacheService.GetUserDetails(AgentId);
+ if(userInfo == null)
+ break;
+
+ if(userInfo.RootFolder == null)
+ break;
+
+ InventoryItemBase assetRequestItem = userInfo.RootFolder.FindItem(itemID);
+ if(assetRequestItem == null)
+ return;
+
+ if((assetRequestItem.CurrentPermissions & ((uint)PermissionMask.Modify| (uint)PermissionMask.Copy | (uint)PermissionMask.Transfer)) != ((uint)PermissionMask.Modify| (uint)PermissionMask.Copy | (uint)PermissionMask.Transfer))
+ break;
+ if(assetRequestItem.AssetID != requestID)
+ break;
+ }
+ }
+ }
+
m_assetCache.AddAssetRequest(this, transfer); /* RequestAsset = OnRequestAsset; if (RequestAsset != null) -- cgit v1.1
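Review bot: The three `new LLUUID(transfer.TransferInfo.Params, …)` reads at offsets 48, 64 and 80 take a client-supplied buffer on trust; nothing in the hunk checks that `Params` holds the 96 bytes those reads need, so a malformed TransferRequest with SourceType 3 would presumably raise inside the packet handler instead of being dropped like the other rejected cases. A guard before the first read, `if (transfer.TransferInfo.Params.Length < 96) break;`, makes a short buffer one more rejected request. In the agent branch the missing-item case uses `return;` while every other rejection uses `break;`; unless skipping whatever follows the switch is intended, that should be `break;` as well. Every rejection is also silent, so a one-line warning log naming AgentId and itemID on the rejection paths would let operators see modified clients probing for script sources. The enclosing switch and method begin and end outside the hunk, so what follows the `break` cannot be confirmed from here.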