Fix R_SPAWN exploit w/ JSON serialization

This commit is contained in:
tigercat2000
2017-12-04 14:47:42 -08:00
parent 27c26df364
commit ab0cb01768
2 changed files with 2 additions and 3 deletions
-1
View File
@@ -171,7 +171,6 @@ var/list/admin_verbs_debug = list(
/client/proc/map_template_upload,
/client/proc/view_runtimes,
/client/proc/admin_serialize,
/client/proc/admin_deserialize,
/client/proc/jump_to_ruin,
/client/proc/toggle_medal_disable,
/client/proc/startadmintickets,
+2 -2
View File
@@ -3,7 +3,7 @@
set desc = "Turns your marked object into a JSON string you can later use to re-create the object"
set category = "Debug"
if(!check_rights(R_ADMIN))
if(!check_rights(R_ADMIN|R_DEBUG))
return
if(!istype(holder.marked_datum, /atom/movable))
@@ -18,7 +18,7 @@
set desc = "Creates an object from a JSON string"
set category = "Debug"
if(!check_rights(R_ADMIN|R_DEBUG))
if(!check_rights(R_SPAWN)) // this involves spawning things
return
var/json_text = input("Enter the JSON code:","Text") as message|null