X-Git-Url: https://mudpy.org/gitweb?p=mudpy.git;a=blobdiff_plain;f=doc%2Fsource%2Fadmin.rst;h=3ece3f73a335570cf368f3b9a353f778b256967a;hp=b25d6ae3141112ad91dc1f70409f823fab97bfa7;hb=d1362ea83d4d7eae9dd786109c02224928b2bf01;hpb=0ac91f791c2f9ff18ecd6a0390a78f5175cc3aa2 diff --git a/doc/source/admin.rst b/doc/source/admin.rst index b25d6ae..3ece3f7 100644 --- a/doc/source/admin.rst +++ b/doc/source/admin.rst @@ -60,7 +60,7 @@ troubleshooting The administrative :command:`show` command provides a number of useful inspection tools. Here's an example testing with the -:command:`show result` subcommand from an active session with a +:command:`evaluate` debug command from an active session with a couple of avatars awake, comparing with the output from related :command:`show group` and :command:`show element` invocations:: @@ -71,7 +71,7 @@ couple of avatars awake, comparing with the output from related actor.avatar_admin_0 actor.avatar_luser0_0 - > show result actor.universe.groups['actor'].keys() + > evaluate actor.universe.groups['actor'].keys() dict_keys(['avatar_admin_0', 'avatar_luser0_0']) @@ -85,10 +85,17 @@ couple of avatars awake, comparing with the output from related location: area.0,0,0 name: Keyo - > show result actor.universe.contents['actor.avatar_luser0_0'].get('name') + > evaluate actor.universe.contents['actor.avatar_luser0_0'].get('name') 'Keyo' -Note that for safety the :command:`show result` executes within the context of -a command handler with only Python's :code:`__builtins__`, the :code:`mudpy` -library package, and the active :code:`universe` available. +Note that for safety the :command:`evaluate` executes within the context of +a command handler with limited Python :code:`__builtins__`, the +:code:`mudpy` library package, and the active :code:`universe` available, +and also blocks evaluation of any statement containing double-underscores +(:code:`__`) as well as :code:`lambda` functions. For admins to gain access +to unsafe debugging commands, the ``.mudpy.limit.debug`` option must be +enabled in configuration first and the service completely restarted. It +should still be considered unsafe, since the engine's file handling +functions could easily alter accessible files or expressions like +``9**9**9`` could be used to hang the service for indeterminate periods.