Proposal: No More Arbitrary Code Execution
Withdrawn and therefore failed -SingularByte
Adminned at 24 Aug 2022 08:00:49 UTC
Rewrite the subrule ‘Tokens’ under ‘BotScript’ to read:
Some BotScript Triggers or Reactions may refer to Tokens being tracked or modified. Tokens are privately tracked by the Announcer; each Token contains an integer value, a flavour text string of no more than 5 characters which serves as its name, and belongs to exactly one Bot. When a Token is modified by a Bot, the value of that Bot’s Token with the given name is updated accordingly if it exists. Otherwise, a new Token is created belonging to that Bot with a value of 0 and the name of the Token the Bot attempted to modify, which is then updated accordingly. All Tokens are destroyed after each Bout.
Though a bit sketchy, it might be possible to use Tokens to modify the ruleset in unintended ways because what counts as a Token is ambiguously defined. Just to be on the safe side, this proposal makes Tokens clearer.
Josh: he/they
This actually removes some of the safeguards in the original text. This text gives no guidance in how to proceed if two operators have the same token; furthermore, the existing line about tokens only existing relative to the scripts that generated them makes it possible for tokens to have effect outside of their intended use.