From 928d003bf534156201f1bd94fb6ffe7b418f8284 Mon Sep 17 00:00:00 2001 From: Melanie Thielker Date: Mon, 17 Nov 2008 04:23:03 +0000 Subject: Change the semantics of the Allow_* os function control. Omitting a function causes defautlt behavior. "true" now means usable unconditionally, "false" means disabled, and a list of UUIDs restricts it. This changes SECURITY! If you used "true" here before, you shoudl review your setup! --- .../Shared/Api/Implementation/OSSL_Api.cs | 52 ++++++++++++++-------- 1 file changed, 34 insertions(+), 18 deletions(-) (limited to 'OpenSim') diff --git a/OpenSim/Region/ScriptEngine/Shared/Api/Implementation/OSSL_Api.cs b/OpenSim/Region/ScriptEngine/Shared/Api/Implementation/OSSL_Api.cs index 72a8dc5..f010f7d 100644 --- a/OpenSim/Region/ScriptEngine/Shared/Api/Implementation/OSSL_Api.cs +++ b/OpenSim/Region/ScriptEngine/Shared/Api/Implementation/OSSL_Api.cs @@ -187,30 +187,41 @@ namespace OpenSim.Region.ScriptEngine.Shared.Api if (!m_FunctionPerms.ContainsKey(function)) { - string perm = m_ScriptEngine.Config.GetString("Allow_"+function, "true"); - bool allowed; - - if (bool.TryParse(perm, out allowed)) + string perm = m_ScriptEngine.Config.GetString("Allow_"+function, ""); + if (perm == "") { - // Boolean given - if (allowed) - m_FunctionPerms[function] = null; // a null value is all - else - m_FunctionPerms[function] = new List(); // Empty list = none + m_FunctionPerms[function] = null; // a null value is default } else { - m_FunctionPerms[function] = new List(); + bool allowed; - string[] ids = perm.Split(new char[] {','}); - foreach (string id in ids) + if (bool.TryParse(perm, out allowed)) + { + // Boolean given + if (allowed) + { + m_FunctionPerms[function] = new List(); + m_FunctionPerms[function].Add(UUID.Zero); + } + else + m_FunctionPerms[function] = new List(); // Empty list = none + } + else { - string current = id.Trim(); - UUID uuid; + m_FunctionPerms[function] = new List(); - if (UUID.TryParse(current, out uuid)) + string[] ids = perm.Split(new char[] {','}); + foreach (string id in ids) { - m_FunctionPerms[function].Add(uuid); + string current = id.Trim(); + UUID uuid; + + if (UUID.TryParse(current, out uuid)) + { + if (uuid != uuid.Zero) + m_FunctionPerms[function].Add(uuid); + } } } } @@ -223,6 +234,8 @@ namespace OpenSim.Region.ScriptEngine.Shared.Api // to use that particular function. False causes an empty // list and therefore means "no one" // + // To allow use by anyone, the list contains UUID.Zero + // if (m_FunctionPerms[function] == null) // No list = true { if (level > m_MaxThreatLevel) @@ -230,8 +243,11 @@ namespace OpenSim.Region.ScriptEngine.Shared.Api } else { - if (!m_FunctionPerms[function].Contains(m_host.OwnerID)) - throw new Exception("Threat level too high - "+function); + if (!m_FunctionPerms[function].Contains(UUID.Zero)) + { + if (!m_FunctionPerms[function].Contains(m_host.OwnerID)) + throw new Exception("Threat level too high - "+function); + } } } -- cgit v1.1