lawn mowing mod? where can i get that? it'll be at the expo for sure! -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Tim Holt Sent: Friday, June 21, 2002 8:40 AM To: [EMAIL PROTECTED] Subject: Re: [hlcoders] Fwd: Half-life fake players bug
-- [ Picked text/plain from multipart/alternative ] <ramble> Some of this security stuff is nuts. This guys "problem" is like me contacting someone and saying "Oh better watch out! Someone could break the glass on your house and GET INSIDE!" The creative imagination can come up with a million "flaws" to drive us all into little iron fortresses of fear if we let it. The fact that he RELEASED this is probably going to get more people trying it than anything ever would. And it's probably going to cause a number of security-anal sys admin types to start asking, "So is this Half-Life thing the employees play at lunchtime a security risk?" I know that's exactly what happened where I am. A REAL security concern would be if someone could come up with some buffer overflow exploit that allowed you to execute arbitrary commands on a server via a malicious client, or even worse, on a client via a malicious server. One bright side of course. Now all those mods with lower player counts can start writing bogus clients to make it look like they have more players. "Dude! This new lawn mowing mod must be HOT! They got 100 servers and they are ALL FULL! Weird tho, the servers all have the same IP and are like 27015, 27016, 27017, etc...." </ramble> botman wrote: >>Well, if it is as he says, where valve either selectively ignored his >>emails, or didn't care to acknowledge them, and it came to the point >>where a bug was posted on the net, serves valve right. Atleast he cared >>to explain the bug, and simply not release a bunch of programs that >>would create havok over the entire server population. Up to valve to fix >>it now that it is in the open, instead of working in private. Shame. >> >> > >>From the posts in the Linux HLDS list, people have already tried this and it >doesn't work with the x.1.1.0 release. Valve must have already fixed this >prior to x.1.1.0 and didn't feel the need to e-mail the guy back about his >exploit. > >Jeffrey "botman" Broome > >_______________________________________________ >To unsubscribe, edit your list preferences, or view the list archives, please visit: >http://list.valvesoftware.com/mailman/listinfo/hlcoders > > -- I think...I think it's in my basement. Let me go upstairs and check. -M.C. Escher -- _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlcoders _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlcoders
