Re: [NEW IDEA?] Binary Pfile Editing system

From: Eduo - Tempus Fugit Pseudo Admin (mud@SPARC.CIATEQ.CONACYT.MX)
Date: 07/30/97

On Tue, 29 Jul 1997, Shane wrote:

> On Tue, 29 Jul 1997, Zizazat Lazuras wrote:
> #> I'd rather just see ASCII pfiles in the stock code personally.
>  Well, I personaly think ascii pfiles are a security risk. I know the box
> i code on, is NOT SECURE. I don't know alot of people who can say there
> box is totaly secure. All someone has to do is login and upload there
> file.

1.-Its a game anyway
2.-If anyone can do that (I know noone could do that in my mac nor could
   it be done on Windows machines and is also difficult in properly
   configured UNIX boxes) *you* have a security problem, not the mud
3.-Still, in Unix, there is something called "owners", which prevent
   average joe from putting files in dangerous places and have those files
   be read by any other program
4.-A user that could hack a properly configured Unix system (not sure
   about Windows, 100% sure about the impossibility of doing so on my mac)
   then there are *tens* of possible security holes, none of which are
   really Circle problems but inherent to the system and directly
   proportional to the proficiency of the sysadmin and users.



     | Ensure that you have read the CircleMUD Mailing List FAQ:  |
     | |

This archive was generated by hypermail 2b30 : 12/08/00 PST