On Mon, Aug 13, 2001 at 08:35:40PM +0200, Denys Duchier wrote:
> rlpowell@digitalkingdom.org (Robin Lee Powell) writes:
>
> > So, I'm writing a MUD in Oz. This means that I have to assume that
> > any given object in the MUD could have been written by an
> > arbitrarily malicious person. But I still want to allow potentially
> > destructive things to occur.
>
> The way we always intended security to be enforced is through
> controlled means of resource acquisition. There is nothing very
> damaging that code can do unless it can get it's hands on system
> specific resources (e.g. module OS). In order to obtain such
> resources, any agent must negotiate with the hosting system, typically
> via the mediation of a module manager.
Ah, I need to be more clear. I'm not worried about my machine being
hacked through the MUD (it'll be running as user nobody), I'm worried
about destructive things _within_ the MUD. People deleting other
people's objects, for example.
-Robin
-- http://www.digitalkingdom.org/~rlpowell/ BTW, I'm male, honest. le datni cu djica le nu zifre .iku'i .oi le so'e datni cu to'e te pilno je xlali -- RLP http://www.lojban.org/ - Please send submissions to users@mozart-oz.org and administriva mail to users-request@mozart-oz.org. The Mozart Oz web site is at http://www.mozart-oz.org/.