From 30c4aa55e6f18d153f164529a3435e44754c5352 Mon Sep 17 00:00:00 2001
From: Adam Frisby
Date: Tue, 18 Aug 2009 00:58:42 +1000
Subject: Added additional configuration options for MRM Security. See
 OpenSim.ini.example under the [MRM] section.

---
 .../Scripting/Minimodule/MRMModule.cs              | 30 ++++++++++++++++------
 1 file changed, 22 insertions(+), 8 deletions(-)

(limited to 'OpenSim/Region/OptionalModules')

diff --git a/OpenSim/Region/OptionalModules/Scripting/Minimodule/MRMModule.cs b/OpenSim/Region/OptionalModules/Scripting/Minimodule/MRMModule.cs
index 9042e0d..bf523dd 100644
--- a/OpenSim/Region/OptionalModules/Scripting/Minimodule/MRMModule.cs
+++ b/OpenSim/Region/OptionalModules/Scripting/Minimodule/MRMModule.cs
@@ -211,25 +211,39 @@ namespace OpenSim.Region.OptionalModules.Scripting.Minimodule
         {
             if (script.StartsWith("//MRM:C#"))
             {
-                if (m_scene.GetSceneObjectPart(localID).OwnerID != m_scene.RegionInfo.MasterAvatarAssignedUUID
-                    ||
-                    m_scene.GetSceneObjectPart(localID).CreatorID != m_scene.RegionInfo.MasterAvatarAssignedUUID)
-                    return;
+                if (m_config.GetBoolean("OwnerOnly", true))
+                    if (m_scene.GetSceneObjectPart(localID).OwnerID != m_scene.RegionInfo.MasterAvatarAssignedUUID
+                        || m_scene.GetSceneObjectPart(localID).CreatorID != m_scene.RegionInfo.MasterAvatarAssignedUUID)
+                        return;
 
                 script = ConvertMRMKeywords(script);
 
                 try
                 {
-                    m_log.Info("[MRM] Found C# MRM - Starting in AppDomain with " + m_config.GetString("permissionLevel", "Internet") + "-level security.");
+                    AppDomain target;
+                    if (m_config.GetBoolean("Sandboxed", true))
+                    {
+                        m_log.Info("[MRM] Found C# MRM - Starting in AppDomain with " +
+                                   m_config.GetString("SandboxLevel", "Internet") + "-level security.");
 
-                    string domainName = UUID.Random().ToString();
-                    AppDomain target = CreateRestrictedDomain(m_config.GetString("permissionLevel", "Internet"),
-                                                              domainName);
+                        string domainName = UUID.Random().ToString();
+                        target = CreateRestrictedDomain(m_config.GetString("SandboxLevel", "Internet"),
+                                                                  domainName);
+                    }
+                    else
+                    {
+                        m_log.Info("[MRM] Found C# MRM - Starting in current AppDomain");
+                        m_log.Warn(
+                            "[MRM] Security Risk: AppDomain is run in current context. Use only in trusted environments.");
+                        target = AppDomain.CurrentDomain;
+                    }
 
+                    m_log.Info("[MRM] Unwrapping into target AppDomain");
                     MRMBase mmb = (MRMBase) target.CreateInstanceFromAndUnwrap(
                                                 CompileFromDotNetText(script, itemID.ToString()),
                                                 "OpenSim.MiniModule");
 
+                    m_log.Info("[MRM] Initialising MRM Globals");
                     InitializeMRM(mmb, localID, itemID);
 
                     m_scripts[itemID] = mmb;
-- 
cgit v1.1