[Coldstuff] To all cold admins out there: bug fixes
xmath
xmath@nubz.org
Sun, 13 Jan 2002 01:01:48 +0100
Bug fixes for everybody who admins a coldcore-derived server,
especially if people can get programmer access:
1. $connection.write lacks (> .perms(sender()) <);
just add that as first line (already done at the Cold Dark)
2. $scheduler.cancel allows any preempted (non-suspended) task to be
killed by anyone. I think only admins should be allowed to do that
(maybe the user, but I seriously doubt that, since a task killed in
middle of execution could leave things in an inconsistent state). Add
an elseif-clause, like:
} else if (!$sys.is_system(sender())) {
throw(~perm, sender() + " may not kill task " + task_id);
}
3. Users can be trapped in a $location with no means of escape, by
overriding $location.will_leave to always throw an error. Solution:
allow the manager of an object to eject it. On a side note: perhaps
eject should allow ejecting objects to their .home() instead. And why
not add an argument to .move_to to remove the will-checks (will_move,
will_leave, will_arrive) if the sender() is properly authorized.
eject can then just check perms and determine the right destination,
and call the unchecked version of .move_to. Saves code-duplication.
An @eject command would be nice too (and @eject! for a rude version,
in case the offending place *is* your home)
Here's a write-up (tested on a server, although not thoroughly) that
does it all, and allows admins to refuse ejecting from a location.
http://www.nubz.org/move-eject.cold.txt
4. There are problems with changing the parents of an object. I'll
give a fix as soon as I've figured out what exactly goes wrong and
how to fix it.
- xmath