-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
See answers inline.
On 9/16/2016 4:53 AM, Nathan Smith wrote:
> hey folks So recently I've been wanting to tighten upsecurity on
> the lambda core database but am not sure quite where to start. For
> 1, what exactly is DOOBC or do out of banned command. It seems to
> have absolutely no point at all.
The use of out of band commands is to allow you to send commands that
the mud doesn't have to process with everything else. It's useful for
protocols. Disable it and call it a day in options.h
> Question 2: Backdoors, are there known bugs with lambda core? not
> the server, but the core?
[I've not heard of any. There was apparently one with WAIFs, but I
think if there were known security bugs they would've been fixed or be
common knowledge. That's not to say that they don't exist. This is
just the core itself though, there's nothing that says your own
do_login_command won't have any issues, but I can't imagine them being
issues that allow you to just get code.
> for example, is there a thing on #10 that allows someone to be
> like, hey! *edits code* *lists cod*
>
No. because that would allow someone to just make themselves a wizard,
etc. That would be dangerous.
> finally, is there a work through to allow players to view code on
> #10 or #0, they seem to be linked is all, via the
> do_login_command.
No again.
> I'd love love love if you guys can be swift in your responses, as
> security is my top priority. Thanks so much.
>
> -- You received this message because you are subscribed to the
> Google Groups "MOO Talk" group. To unsubscribe from this group and
> stop receiving emails from it, send an email to
>
MOO-talk+u...@googlegroups.com
> <mailto:
MOO-talk+u...@googlegroups.com>. To post to this
> group, send email to
MOO-...@googlegroups.com
> <mailto:
MOO-...@googlegroups.com>. Visit this group at
>
https://groups.google.com/group/MOO-talk. For more options, visit
>
https://groups.google.com/d/optout.
- --
Take care,
Ty
Twitter: @sorressean
Web:
https://tysdomain.com
Pubkey:
https://tysdomain.com/files/pubkey.asc
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQEcBAEBAgAGBQJX3FgMAAoJEAdP60+BYxejRUAIAJE0lPXDDRk0GpZOYkKzoSlv
WsUJtjM8oK1/Uc1s3/34AoETend7xp2WLJ9oXZkdFzATTX32UrQQ9X5A8VzatHso
4RavXQHtjBJfLCELPwKyYjv9V3QaAyuI1+sLszOvKwXZKJfNESvTZ0abM/9SQbTQ
mxA89ztzh5qk2d3PoDCZjy+yJeLOq05Tjozp2dWN756pheldBtLV41cQd5Zqtd1a
UHxUKy/oYMBhijNhGAPrQLN3j8ZGCtf40JdqitKI9PkcV+VNj/BzoatPwp2lJk6M
nT4byk7QARArbqYmIVz7NoMpvQ+MfyJ+QRLzL16al1u+KwyEMEUUH82Do6araR0=
=9Adi
-----END PGP SIGNATURE-----