.. master:: int privilege_violation(string op, mixed who, mixed arg, mixed arg2, mixed arg3)

  Validate the execution of a privileged operation. op denotes the requested operation, who is the object requesting the operation (file_name or object pointer), :arg:`arg` and :arg:`arg2` are additional arguments, depending on the operation.

  The function should return >0 to grant the privilege, 0 to indicate that the caller was probably misled and the error might be fixed, and anything else to indicate a real violation that will be handled as run time error.

  .. todo:: should probably either use enumerate below, or have a special directive for defining privileges

  The privileged operations are:

  attach_erq_demon
    Attach the erq demon to object :arg:`arg` with  flag :arg:`arg2`.

  bind_lambda
    Bind a lambda-closure to object :arg:`arg`.

  call_out_info
    Return an array with all call_out informations.

  configure_interactive
    Set option :arg:`arg2` with value :arg:`arg3` as default (``arg==0``) or for object :arg:`arg`.

  configure_driver
    Set option :arg:`arg1` to value(s) :arg:`arg2`.

  enable_telnet
    Enable/disable telnet (:arg:`arg2`) for object :arg:`arg`.

  execute_command
    Execute command string :arg:`arg2` for the object :arg:`arg`.

  erq
    At the request :arg:`arg2` is to be sent to the erq-demon by the object :arg:`who`.

  garbage_collection
    Object :arg:`who` calls the :efun:`garbage_collection` with :arg:`arg` as filename and :arg:`arg2` as flag.

  input_to
    Object :arg:`who` redirects the next input from commandgiver :arg:`arg`, using :arg:`arg2` as value for the flags. This is used for flag values including the 'no bang' option.

  limited
    Execute :arg:`arg` with reduced/changed limits :arg:`arg2` (as return by :efun:`query_limits`).

  mysql
    Object :arg:`who` attempted to execute mySQL efun :arg:`arg`.

  pgsql
    Object :arg:`who` attempted to execute Postgres efun :arg:`arg`.

  net_connect
    Attempt to open a connection to host :arg:`arg`, port :arg:`arg2`.

  nomask simul_efun
    Attempt to get an efun :arg:`arg` via efun:: when it is shadowed by a nomask type simul_efun.

  rename_object
    The object :arg:`who` tries to rename the object :arg:`arg` to the name :arg:`arg2`.

  send_udp
    Send UDP-data to host :arg:`arg`.

  get_extra_wizinfo
    Get the additional wiz-list info for user :arg:`arg`.

  set_extra_wizinfo
    Set the additional wiz-list info for user :arg:`arg`.

  set_extra_wizinfo_size
    Set the size of the additional user info in the wiz-list to :arg:`arg`.

  set_driver_hook
    Set hook :arg:`arg` to :arg:`arg2`.

  set_limits
    Set limits to :arg:`arg` (as returned by :efun:`query_limits`).

  set_max_commands
    Set the max. number of commands interactive object :arg:`arg` can issue per second to :arg:`arg2`.

  set_this_object
    Set ``this_object()`` to :arg:`arg`.

  shadow_add_action
    Add an action to function :arg:`arg2` of object :arg:`arg` from the shadow :arg:`who` which is shadowing :arg:`arg`.

  shutdown
    Object :arg:`who` calls the efun shutdown with :arg:`arg` as argument.

  sqlite_pragma
    Execute pragma statement in SQLite.

  symbol_variable
    Attempt to make a symbol from a hidden inherited variable. :arg:`arg` is the object in question, :arg:`arg2` the number of the variable in the variable table.

  variable_list
    An attempt to return the variable values of object :arg:`arg` is made from a different object :arg:`who`.

  wizlist_info
    Return an array with all wiz-list information.

  :efun:`call_out_info` can return the arguments to functions and lambda closures to be called by :efun:`call_out`; you should consider that read access to closures, mappings and arrays means write access and/or other privileges. :efun:`wizlist_info` will return an array which holds, among others, the extra wizlist field. While a toplevel array, if found, will be copied, this does not apply to nested arrays or to any mappings. You might also have some sensitive closures there. :efun:`send_udp` should be watched as it could be abused. The xxx_extra_wizinfo operations are necessary for a proper wizlist and should therefore be restricted to admins. All other operations are potential sources for direct security breaches - any use of them should be scrutinized closely.

  :history 3.2.10 changed: added the "enable_telnet", "net_connect", "set_max_commands" and "variable_list" violations.
  :history 3.3.563 changed: added the passing of the limits to the "limited" and "set_limits".
  :history 3.2.11/3.3.640 changed: added the "mysql" violation.
  :history 3.3.717 changed: added the "sqlite_pragma" violation.

  .. seealso:: :efun:`net_connect`, :efun:`send_erq`, :efun:`set_this_object`, :efun:`rename_object`, :concept:`simul_efun`, :efun:`call_out_info`, :efun:`shadow`, :efun:`add_action`, :efun:`bind_lambda`, :efun:`send_udp`, :efun:`input_to`, :efun:`execute_command`, :efun:`variable_list`, :efun:`enable_telnet`, :concept:`mysql`