Re: [MobProg] Major Security Hole!!!

From: Ron Hensley (ron@CROSS.DMV.COM)
Date: 10/08/97

> This is not a security hole. It's a feature. When you say it's a security
> hole you're suggesting it should be fixed. However, some people may
> want this behavior of MobProgs. Anyhow, we all know it's proper to
> change the policy not recode MobProgs. Policy not code... you can't
> code ethics.

Id have to disagree here. I dont see how anything that could let someone
I grant bottom imm level building status, potentially edit a mob, that
can then be used to advance themselves to IMPL could be called a feature
and not be taken as a security hole.

One might also remove the checks on the unix passwd program, the changing
anyones password but themselves, require root or wheel access, and write
up a nice motd that states to change roots passwd and login as root as a
nono, so please dont do it ....?!?!?!

    *   Ron Hensley                              *
    *   Network Administrator        *
    *                                   PGP Key at WWW Page           *
    *   DelMarVa OnLine                 749-7898 Ext. 403             *

     | Ensure that you have read the CircleMUD Mailing List FAQ:  |
     | |

This archive was generated by hypermail 2b30 : 12/08/00 PST