![]() |
[ < ] | [ > ] | [ << ] | [ Up ] | [ >> ] | [Top] | [Contents] | [Index] | [ ? ] |
First of all you must make sure that the object that tries to create a new object has the privileges required to do so. The rules are pretty simple actually: An object with a valid euid can clone any other object. A valid euid is anything except 0. The euid 0 is the default uid and euid on creation of an object, and it's used as meaning 'no privileges at all'.
However, usually the choice of euids you can set is pretty limited. If you're a wiz it's usually limited to your own name. A Lord can set the euid in an object to be his, or any of the wizard's in the domain (unless one of the wizards is an Archwiz, then that one is excempt as well). And naturally objects with 'root' uid can set any euid they like.
So... the uid of the object determines what choice of euids you have. You set the uid to the default value by adding this sfun call:
void setuid() e.g. setuid(); |
Simple eh? Doing that sets the uid to the value determined by the location
of the object source-file in the mud filesystem. The rules for this is the
same as for the creator value described earlier. You can get the creator
value of an object with the sfun creator()
, it simply returns the
string setuid()
would use for that object.
string creator(mixed reference) e.g. string my_creator; my_creator = creator(this_object()); |
To get the actual uid value that is currently used, you the sfun
getuid()
string getuid() e.g. string curr_uid; curr_uid = getuid(); |
So.. the uid is now set to the highest privilege giver. The euid however, is still 0. Since the euid determines the actual privileges used in an object this means that the object still has no privileges at all.
To set the euid you use the sfun seteuid()
, the argument given will be
set as euid if allowed (it's tested). The function returns 0 on failure
and 1 on success. If you don't send any argument, the euid is set to 0,
'turning it off' so to speak.
int seteuid(void|string priv_giver) e.g. if (seteuid("mrpr")) write("Yes! I'm the ruler of the UNIVERSE!\n"); else write("Awwwww....\n"); |
Naturally there's a corresponding sfun to return the current euid:
string geteuid() e.g. write("The current euid = " + geteuid() + "\n"); |
The sfuns setuid()
, getuid()
, seteuid()
and
geteuid()
are all using the efuns set_auth()
and
get_auth()
. They are used to manipulate a special authority
variable inside the object in the gamedriver. The gamedriver will call a
validating function in the master object (security) if you try to use
set_auth()
to make sure that you are privileged to do so. The
reason is that it's possible to store any kind of string in the
authority variable, and the way we use it is merely a convention,
something that we have decided is the best way of solving security.
When you try to perform a privileged operation, like writing to a file
or cloning an object the gamedriver calls other special functions in the
master object to make sure you have the right privileges. They all
depend on that the information stored in the authority variable is
formatted in the special way we want for it to work properly. Due to
this fact you are not allowed to use set_auth()
in any other way
than already is allowed by setuid()
and seteuid()
, so
there's really no use in doing that at all. query_auth()
is not
protected but you won't find much use for that information anyway.
The information stored in the authority variable is simply the uid and euid separated by a colon.
Now that we know how to give privileges to an object, let's find out how
to make it clone others! The efun used is called
clone_object()
, it loads and creates an object from a source
file. If the cloning should fail, due to programming mistakes for
example, an error message will be given and execution of the current
object aborted.
object clone_object(string obref) e.g. object magic_ring; // Set the object privileges so that it's possible to clone setuid(); seteuid(getuid()); // Actually clone the object magic_ring = clone_object("/w/Wizard/magic_ring"); |
Naturally you only have to set the uid/euid of an object ONCE in an object and not every time you want to perform a privileged operation. The most common procedure is to put these uid/euid setting calls in a function that is called when the object is first created, but more about that later.
Now... when arrays or mappings were created they existed as long as any variable used them. If the variable was set to 0, the data they contained was scrapped as well. Is this true for objects as well? NO! It's not. The object will remain in the game as long as the gamedriver is running, unless you explicitly destroy it.
[ < ] | [ > ] | [ << ] | [ Up ] | [ >> ] | [Top] | [Contents] | [Index] | [ ? ] |