Jamie Nay wrote:
>
> I don't see why it would be. It's the administrator's mud (which is only a
> game, btw), and if he wants to log passwords for security reasons, etc, I
> don't think it's a big deal. Besides, if he really wanted to, he could just
> change it anyways... logging passwords does less harm than "set joemudder
> password immsrule" or whatever.

Logging passwords poses a security risk to both players and admin, especially if you run your MUD on a server that coexists with several other MUDs. Group and/or user read permissions are often set by default on many such servers, and if that is the case and you are not careful to change the permissions on the log files then you leave the passwords open for anyone to discover.

The passwords stored in the pfiles are encrypted in such a manner that they cannot be easily resolved back into the original passwd. They are verified by encrypting the player's password entry and checking it against the encrypted password in the file, so it is very difficult at best to get a player's password even if the pfile is fully visible to everyone who looks at it.

I see no reason why anyone should log players' passwords unless they are doing it for malicious intents. Following are the common reasons I have seen in this topic so far and the reasons why they don't fly...

"I want to be able to inform players if they have easy to crack passwords such as name: fred, password: fred"

The best way to accomplish this is to set up a set of rules for passwords that will minimize the risk from not-so-good passwords. Linux already has routines that do this and I would guess that the libraries are available to use in your own programs as well. You can also download programs which are designed to crack encrypted password lists off the internet. Run the pfile through the program and if it cracks any of the passwords then you can tell the player that his password is compromised.

Also keep in mind that if a player uses an easy to crack password and ends up having his character messed up, he has no one to blame but himself. A good policy is to not be responsible for stolen characters or passwords.

"But what if one of my immorts uses an easy to crack password? That could compromise the MUD."

Yes it can, and so can a lot of other things that are outside of your control. How well do you really know the immortals in your MUD? If any of them gets pissed they could potentially cause a lot of damage. There is one way and one way only to protect your MUD against malicious attacks: that is to keep a current off-site backup, then you can always restore from the backup. If someone hacks and completely destroys your MUD, from the time you find out about it, it will take no longer than a couple hours to have your MUD up and running again.

"I want to be able to tell a player his password in case he forgets it"

Just set a new password for the player and tell him that.

"But I have to be sure that it's really them."

And you wouldn't have to be to tell them the password from the log?

The simple fact is that passwords should never be stored in plain text anywhere, and they should not be available to even the implementor of a MUD. When a player starts playing your game they are putting a certain amount of trust in you; do them a favor and keep that trust justified.

Regards, Peter

+------------------------------------------------------------+
| Ensure that you have read the CircleMUD Mailing List FAQ:  |
| http://qsilver.queensu.ca/~fletchra/Circle/list-faq.html   |
+------------------------------------------------------------+
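The password-rules approach suggested in the post above, applied at the moment a password is set so that the plaintext never has to be logged. This is an added example, not part of the original post or of CircleMUD; the function name `password_problem`, the minimum length and the particular rules are assumptions.

```c
/* Added example: reject weak passwords when they are set, before hashing.
 * The function name, threshold and rules are assumptions, not CircleMUD code. */
#include <ctype.h>
#include <stddef.h>
#include <string.h>

#define MIN_PASSWD_LEN 8   /* assumed policy value */

/* Case-insensitive substring search (portable stand-in for strcasestr). */
static int contains_nocase(const char *hay, const char *needle)
{
    size_t n = strlen(needle);
    if (n == 0)
        return 0;
    for (; *hay; hay++) {
        size_t i = 0;
        while (i < n && hay[i] &&
               tolower((unsigned char)hay[i]) == tolower((unsigned char)needle[i]))
            i++;
        if (i == n)
            return 1;
    }
    return 0;
}

/* Returns NULL if the password is acceptable, otherwise a short reason
 * that can be shown to the player. The plaintext is never written anywhere. */
const char *password_problem(const char *name, const char *passwd)
{
    int lower = 0, upper = 0, digit = 0, other = 0;
    const char *p;

    if (contains_nocase(passwd, name))      /* catches name: fred, password: fred */
        return "contains character name";
    if (strlen(passwd) < MIN_PASSWD_LEN)
        return "too short";
    for (p = passwd; *p; p++) {
        unsigned char c = (unsigned char)*p;
        if (islower(c)) lower = 1;
        else if (isupper(c)) upper = 1;
        else if (isdigit(c)) digit = 1;
        else other = 1;
    }
    if (lower + upper + digit + other < 2)
        return "uses only one kind of character";
    return NULL;
}
```

Called from the code path that handles a new or changed password, this lets the MUD refuse the password and explain why before it is hashed into the pfile.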
This archive was generated by hypermail 2b30 : 04/10/01 PDT