So what is it?
--------------
The WizPort is the combination of the WizShell (written by David
Ljung Madison) and tcpserv (written by Sam Lantinga.) The WizShell
is the shell that acts as a unix shell with mud file-securities.
Tcpserv is a telnet server which listens at a port and accepts
connections, then hooks the connection up to the WizShell.
Usually the WizPort is used to support a mud by giving Unix tools
to the mud's coders (but it can also run completely independent of a mud).
Instead of using the machine's normal security and password file,
you can make up your own. Essentially it uses:
o a fake root (/) directory
o either:
a different password file than the machines /etc/passwd
login through player.o files (for 'mud' usage)
o different read and write access.
o a different /bin directory
All this is done by controlling the file arguments that are typed in
on the command line. It is important that the commands in the wsh's
(WizShell) /bin directory are "secure" (see the chapter on security)
What's it like?
--------------
Below is a sample login to show you what the WizPort does. Comments
on the right side were added by me (everything after #)
-------------------------- START SCRIPT ---------------------------------
davesource.com] telnet some.wsh.location.com 3001 # wsh for GumbiMud
Trying...
Connected to some.wsh.location.com
Escape character is '^]'.
--WizShell v1.35
login: jubal # login
Password:
/players/jubal # this is all in /.login
If you are having term problems, try 'set TERM '
For diff. size terms, type 'help term'
Check out splitvt (you must have a vt100 term for this)
For help, type 'help'
-- Hello Jubal # my personal .login
Jubal [/players/jubal] # my prompt (from .login)
Jubal [/players/jubal] ls
total 26
1 ;-)/ 1 docs/ 2 monopoly/ 1 shad/ 1 wea/
1 arm/ 1 hell/ 1 obj/ 1 stuff/ 2 workroom.c
1 bin/ 1 home.c 1 open/ 1 tools/
1 castle/ 1 log/ 1 room/ 1 txt/
2 castle.c 1 mon/ 2 secur.c 1 water/
Jubal [/players/jubal] cd monopoly # all basic commands work
Jubal [/players/jubal/monopoly] ls -alg ../obj
total 58
1 drwxrwxr-x 2 daeron geom 1024 Jun 29 03:30 ./
1 drwxrwxr-x 20 daeron geom 1024 Jul 26 09:56 ../
2 -rw-rw-r-- 1 daeron geom 2000 Jan 11 1993 anything.c
9 -rw-rw-r-- 1 daeron geom 8716 Jan 15 1993 b.b.c
3 -rw-rw-r-- 1 daeron geom 2933 Jan 11 1993 champagne.c
1 -rw-rw-r-- 1 daeron geom 359 Jun 29 03:30 curse.c
1 -rw-rw-r-- 1 daeron geom 976 May 29 14:21 emoter.c
3 -rw-rw-r-- 1 daeron geom 2995 Jan 11 1993 merlyn.c
3 -rw-rw-r-- 1 daeron geom 2088 Jul 17 19:20 monitor.c
3 -rw-rw-r-- 1 daeron geom 2759 Jan 11 1993 monprompt.c
2 -rw-rw-r-- 1 daeron geom 1294 Jan 11 1993 ring.c
3 -rw-r--r-- 1 daeron geom 2365 Jan 11 1993 seller.c
4 -rw-rw-r-- 1 daeron geom 4085 Jan 11 1993 simsuit.c
3 -rw-r--r-- 1 daeron geom 2059 Jan 11 1993 steed.c
1 -rw-rw-r-- 1 daeron geom 575 Jun 4 18:37 stick.c
4 -rw-rw-r-- 1 daeron geom 3691 Jun 6 00:29 supertag.c
Jubal [/players/jubal/monopoly] history # ! and ! work
history [10]
2 echo Check out splitvt (you must have a vt100 term for this)
3 echo HISTORY IS NOW WORKING... (see help)
4 echo For help, type 'help'
5 set prompt Jubal [%d]
6 echo
7 echo -- Hello Jubal
8 ls -FHs
9 cd monopoly
10 ls -FHs
11 ls -FHs -alg ../obj
Jubal [/players/jubal/monopoly] cd /players
Jubal [/players] !ec # example of !
-- Hello Jubal # the echo from history
Gumbi: hey everyone! # Gumbi uses chat
Jubal [/players] who
login tty acc real name mesg idle
jubal pty/ttys4 GOD Jubal E. Harshaw y
gumbi pty/ttys5 GOD The Big Green Guy y
fuzzle pty/ttys6 WIZ Just call me Fuzz n
Number of users: 3
Jubal [/players] tell gumbi "You moron!" # more communications
You tell Gumbi: You moron!
Jubal [/players] alias # these were set in .login
.. cd ..
cp cp -i
less less -ErM
ls ls -FHs
mv mv -i
rm rm -i
Jubal [/players] cd jubal/monopoly
Jubal [/players/jubal/monopoly] vi _boardwalk.c
# this started up the 'vi' editor on the
# mud-file /players/jubal/monopoly/_boardwalk.c
# (which obviously couldn't be shown here :)
# after exit we are back at the wsh prompt:
Jubal [/players/jubal/monopoly] splitvt
# this is a fantastic utility written by Sam Lantiga
# (also the author of 'tcpserv', the program that does
# the port work for WizShell (making it the WizPort :)
# what this does is split the screen (vt100 only) much
# like the unix 'talk' program. In one half of the screen
# the user can login to the mud. In the other half the
# user canuse the WizShell, where the user can edit and
# work with their mud files. This way, single-window users
# (such as those with modems) will be able to edit and mud.
# after exiting splitvt, we are back at the wsh prompt:
Jubal [/players/jubal/monopoly] exit
Connection closed by foreign host.
davesource.com] # thats it -- back home.
--------------------------- END SCRIPT ----------------------------------
How secure is it?
-----------------
For a full answer on this, you need to read the chapter on security and
maybe even the tech docs. I would be foolish to guarantee the security
of the WizPort, as I would to guarantee the security of any large system
like the WizPort - but I am quite personally sure that if only secure
programs are put in the wsh's bin, then there should be no security holes.
While writing it, security was always foremost in my my mind, and
being a hacker myself ;) I was able to avoid security bugs before they
happened. I have had many of my hacker friends try to break in and
have all failed. In fact, my account was once closed while I happened
to have the WizPort running on it and I was unable to break into my account
through it. (I have found that muds themselves are many times less
secure than my WizPort *even* in terms of files that are outside
of the mud.) Most importantly, make sure you fully test the WizPort before
letting wizards use it, if it was installed correctly you should have no
problems.
David Ljung Madison <WizPortMail -at- davesource.com>