Security

Security on kudlib is implemented via the UID and permissions mechanism.

Every object has a UID (User Identification), and an EUID (Effective User Identification). UID is determined when the object is first loaded, and is almost never changed. EUID can change, and determines what rights the object has. UIDs and EUIDs are strings of letters, such as "root" and "frege".

Every UID may belong to one or more groups. Groups are just an effective way of grouping together UIDs which have similar rights. A group may contain other groups. A group is a string of letters preceeded by a '$' sign, such as $all or $wizard.

For example, a permission to clone objects might include the group $wizard; every UID which belongs to the group has the right to clone objects. This is much more practical than having to list all the wizards of the mud.

Actions which are sensitive to security are protected by permissions; for example reading and writing files, destructing an object, and shutting down the mud.

A permission is a list of UIDs and groups. It determines which UIDs are permitted to perform an action. When written in a text file, a permission is a list of UIDs and groups separated by colons.

Refer to the following for further information: