On Fri, Jan 21, 2011 at 05:48:18PM +0100, Andre Müller wrote: > Nice, safty first.
Safety is nice, especially when it comes free. Creating users is no big deal. Even so, it's okay to fix. Just don't expect it to solve this problem in general. If you're allowing customers to install their own plugins, you're allowing them to execute code on your server. If the server process has permission to do so they can still access outside files, within their own plugins. Only way to prevent that is separate user accounts, and chroot. Alternatively you can trust the (stupidity of) customers :-) Regards frostschutz _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
