URL:
  <http://gna.org/bugs/?15472>

                 Summary: Mild security concern with event cache: server
setup commands shown to client
                 Project: Freeciv
            Submitted by: cazfi
            Submitted on: Wednesday 02/24/2010 at 19:29
                Category: general
                Severity: 3 - Normal
                Priority: 1 - Later
                  Status: None
             Assigned to: None
        Originator Email: 
             Open/Closed: Open
                 Release: 2.2.0
         Discussion Lock: Any
        Operating System: None
         Planned Release: 

    _______________________________________________________

Details:

When starting, server echoes commands used to setup server to console. At
least "read" command is problematic as it takes filesystem path as parameter.
This reveals information about server computer internals.

Previously this was not a problem as clients connect only after these
messages have been shown. Now, with even cache, they are stored and shown to
connecting clients.




    _______________________________________________________

Reply to this item at:

  <http://gna.org/bugs/?15472>

_______________________________________________
  Message sent via/by Gna!
  http://gna.org/


_______________________________________________
Freeciv-dev mailing list
Freeciv-dev@gna.org
https://mail.gna.org/listinfo/freeciv-dev

Reply via email to