For powwow (and on the
principle what unsafe-actions do), here is the explanation from the
http://mume.pvv.org/Download/clients/powtty/powwowhelp.txt (this version here is modified).
SecurityWhen you define an #action that automatically sends something back to the MUD you are connected to, you must be VERY careful since you may allow other players to force you to execute commands.
Let's explain better: Suppose you define the following #action:
Even though this may look harmless, such an action is potentially lethal, for the following reason:
If you receive a text from the MUD containing something like
The consequences of such a command can be easily imagined… There are two strategies to avoid such embarassing situations:
#sendand calculator. In fact this is NOT dangerous:
- Try to use $n instead of &n, so that semicolons and spaces are skipped.
since if someone tries to force you, as shown above, it will not work, because
action allows only one command to follow the pattern and you did not place braces aroundIn any case remember the best strategy is: check what you are doing and if you are not sure a command is safe, better do not use it.
group $1, so only the first command (in this case
group <name>) will be executed.
Last words: You are responsible for your client and your actions. You will not get reimbursement for losses due to misconfigured clients, no matter if some idiot triggered something on purpose or not!
|See also:||HELP CLIENT, RULES ACTIONS|
Generated on Sat Apr 24 10:55:33 2021