Re: (No) Security danger when using OLC

From: George (greerga@DRAGON.HAM.MUOHIO.EDU)
Date: 10/31/97


On Sat, 1 Nov 1997, Chagai Kofler wrote:

>Lately I came across a security danger when you let builders use OLC.
>If your MUD supports OLC with affection feature of objects like
>level or exp, an object with +level may advance your builders to the
>position of an Imp and therefore giving them the privileged commands
>that they are not supposed to use.

  case APPLY_LEVEL:
    /* ??? GET_LEVEL(ch) += mod; */
    break;

It is not implemented.

>One of my builders tried this trick on my MUD and deleted the Imps.
>Although they can't take over the MUD, still they could perform some
>annoying acts.

You should've thought about why that line was commented and its possible
implications. :)

--
George Greer  -  Me@Null.net   | Genius may have its limitations, but stupidity
http://www.van.ml.org/~greerga | is not thus handicapped. -- Elbert Hubbard
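
For a MUD that has enabled the commented-out APPLY_LEVEL line, the check can sit in the editor rather than in the affect code. The following is an added example, not part of the original message or of CircleMUD's source: it rejects level and exp applies when a builder saves an object and audits prototypes already on disk. The struct layouts, numeric constant values, MAX_BUILDER_MOD and all function names are assumptions made for illustration.

```c
#include <stddef.h>

/* Apply locations named as on the page; numeric values are assumptions. */
enum { APPLY_NONE = 0, APPLY_STR = 1, APPLY_LEVEL = 8, APPLY_EXP = 16,
       APPLY_HITROLL = 18, NUM_APPLIES = 25 };
#define MAX_OBJ_AFFECT 6      /* assumed affect slots per object */
#define MAX_BUILDER_MOD 10    /* hypothetical cap on |modifier| */

struct obj_affect { int location; int modifier; };    /* hypothetical layout */
struct obj_proto  { int vnum; struct obj_affect affected[MAX_OBJ_AFFECT]; };

/* Editor-side check: 1 if a builder may save this affect, else 0. */
int olc_affect_allowed(int location, int modifier)
{
    if (location < APPLY_NONE || location >= NUM_APPLIES) return 0;
    if (location == APPLY_LEVEL || location == APPLY_EXP) return 0; /* privilege */
    return modifier >= -MAX_BUILDER_MOD && modifier <= MAX_BUILDER_MOD;
}

/* Audit saved prototypes: clear every affect the editor check rejects. */
int audit_prototypes(struct obj_proto *protos, size_t n)
{
    int stripped = 0;
    for (size_t i = 0; i < n; i++)
        for (int j = 0; j < MAX_OBJ_AFFECT; j++) {
            struct obj_affect *af = &protos[i].affected[j];
            if (!olc_affect_allowed(af->location, af->modifier)) {
                af->location = APPLY_NONE;
                af->modifier = 0;
                stripped++;
            }
        }
    return stripped;
}

/* Constructed sample data: one ordinary item, one using the +level trick. */
int demo_audit(void)
{
    struct obj_proto protos[2] = {
        { 3001, { { APPLY_HITROLL, 2 }, { APPLY_STR, 1 } } },
        { 3002, { { APPLY_LEVEL, 30 }, { APPLY_HITROLL, 1 }, { APPLY_EXP, 5 } } },
    };
    return audit_prototypes(protos, 2);
}

int main(void) { return demo_audit() == 2 ? 0 : 1; }
```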

