rules
ARES System Manual: security Rules
Rules are how ARES determines what privileges to grant each rank of user. (See security for a basic introduction.) Most privileges are cumulative, meaning a user of a high rank also has the privileges of a user with a lower rank.
The ranks are:
1 (strangers), 2 (guests with consent), 3 (users), 4 (managers), 5 (owners)
If you see a rule with the setting of 0, that means no one may ever take the action in question. If you see a rule with the setting of 6, that means the action is reserved for the unit alone, and will work even if the unit is banned from accessing itself.
If a rule requires rank 2, then any stranger who attempts to perform such an action will generate a consent prompt, which the unit must answer before the action will be completed. Consent prompts have no timeout.
The rules in the current version of ARES are as follows:
add manager: give someone the rank of manager unless they already have the rank of owner.
add owner: give someone the rank of owner.
add user: give someone the rank of user, unless they are already a manager or owner.
arouse: trigger sexual arousal events (requires the Sexuality add-on)
chat: make the unit send chat messages.
database: permission to use the db program (some features are always restricted to owner only)
delete file: use the fs
demote manager: reduce a manager to user rank, or to remove a manager entirely.
demote owner: reduce an owner in rank, or to remove an owner entirely.
demote self: remove oneself from the user list, or reduce one's own rank; this supersedes other rank requirements.
identity: change the unit's name, gender, or color settings.
local: run commands when within chat range (20m) of the unit; activate verbal commands (see trigger) at any range.
manage: access the 'settings' and 'access control' menus, use the 'pkg' program to add or remove software, and similar.
menu: access the menu.
persona: change the unit's persona.
remote: run commands from anywhere in the current region.
run-away: use the
safeword: if restraint is installed, use the
storage-ro: mount the unit's local storage as a data source on another ARES unit (see sources) with read-only permission.
storage-rd: mount the unit's local storage as a data source on another ARES unit (see sources) with read and delete permission.
storage-rw: mount the unit's local storage as a data source on another ARES unit (see sources) with full access. This is never used, as local storage is based on notecards.
vox: adjust vox filtering settings. (See vox)
yank: automatically teleport the unit when sending a teleport invite.
As ARES develops, more rules will be added as needed.
Rules are how ARES determines what privileges to grant each rank of user. (See security for a basic introduction.) Most privileges are cumulative, meaning a user of a high rank also has the privileges of a user with a lower rank.
The ranks are:
1 (strangers), 2 (guests with consent), 3 (users), 4 (managers), 5 (owners)
If you see a rule with the setting of 0, that means no one may ever take the action in question. If you see a rule with the setting of 6, that means the action is reserved for the unit alone, and will work even if the unit is banned from accessing itself.
If a rule requires rank 2, then any stranger who attempts to perform such an action will generate a consent prompt, which the unit must answer before the action will be completed. Consent prompts have no timeout.
The rules in the current version of ARES are as follows:
add manager: give someone the rank of manager unless they already have the rank of owner.
add owner: give someone the rank of owner.
add user: give someone the rank of user, unless they are already a manager or owner.
arouse: trigger sexual arousal events (requires the Sexuality add-on)
chat: make the unit send chat messages.
database: permission to use the db program (some features are always restricted to owner only)
delete file: use the fs
delete
command to delete files.
demote manager: reduce a manager to user rank, or to remove a manager entirely.
demote owner: reduce an owner in rank, or to remove an owner entirely.
demote self: remove oneself from the user list, or reduce one's own rank; this supersedes other rank requirements.
identity: change the unit's name, gender, or color settings.
local: run commands when within chat range (20m) of the unit; activate verbal commands (see trigger) at any range.
manage: access the 'settings' and 'access control' menus, use the 'pkg' program to add or remove software, and similar.
menu: access the menu.
persona: change the unit's persona.
remote: run commands from anywhere in the current region.
run-away: use the
security reset
command to clear the user list and restore self-ownership. If the unit is banned from itself, it must use the _input shortcut @runaway
instead.
safeword: if restraint is installed, use the
restraint safeword
command to abort RLV relay interactions. If the unit is banned from itself, it must use the _input shortcut @safeword
instead.
storage-ro: mount the unit's local storage as a data source on another ARES unit (see sources) with read-only permission.
storage-rd: mount the unit's local storage as a data source on another ARES unit (see sources) with read and delete permission.
storage-rw: mount the unit's local storage as a data source on another ARES unit (see sources) with full access. This is never used, as local storage is based on notecards.
vox: adjust vox filtering settings. (See vox)
yank: automatically teleport the unit when sending a teleport invite.
As ARES develops, more rules will be added as needed.