URL: http://bugs.freeciv.org/Ticket/Display.html?id=39957
William Allen Simpson wrote:
Madeline, where is your code? The AUTH code here is cryptologically
unsound. Did the AUTH code come from someplace special? Is there any
reason to be backward compatible with anything?
The auth code
URL: http://bugs.freeciv.org/Ticket/Display.html?id=39957
Jason Dorje Short wrote:
URL: http://bugs.freeciv.org/Ticket/Display.html?id=39957
William Allen Simpson wrote:
Madeline, where is your code? The AUTH code here is cryptologically
unsound. Did the AUTH code come from someplace
URL: http://bugs.freeciv.org/Ticket/Display.html?id=39957
Jason Dorje Short wrote:
But the point is that having HACK access allows you to write directly to
the filesystem, through the /save command among others. HACK access
should only be given when you do not mind the user having write
URL: http://bugs.freeciv.org/Ticket/Display.html?id=39957
[wsimpson - Wed Dec 12 14:25:21 2007]:
Jason Dorje Short wrote:
But the point is that having HACK access allows you to write
directly to
the filesystem, through the /save command among others. HACK
access
should only be
URL: http://bugs.freeciv.org/Ticket/Display.html?id=39957
Jason Dorje Short wrote:
Also the whole point of the HACK check is that the client SHOULD have
permission to delete the file created. If the client cannot write to
that file then it should not be granted hack access.
Speaking as
URL: http://bugs.freeciv.org/Ticket/Display.html?id=39957
[jdorje - Mar. Déc. 11 06:55:12 2007]:
[book - Mon Dec 10 16:22:28 2007]:
We ameliorated this situation somewhat for warserver by
introducing/modifying the cmdlevels to:
[...]
What's the difference between ADMIN and CTRL
URL: http://bugs.freeciv.org/Ticket/Display.html?id=39957
William Allen Simpson wrote:
URL: http://bugs.freeciv.org/Ticket/Display.html?id=39957
Jason Dorje Short wrote:
Also the whole point of the HACK check is that the client SHOULD have
permission to delete the file created. If the
URL: http://bugs.freeciv.org/Ticket/Display.html?id=39957
William Allen Simpson wrote:
URL: http://bugs.freeciv.org/Ticket/Display.html?id=39957
server/gamehand.c
handle_single_want_hack_req()
Sent send_ruleset_choices() when HACK is not successful.
Redundant
URL: http://bugs.freeciv.org/Ticket/Display.html?id=39957
[book - Mon Dec 10 16:22:28 2007]:
We ameliorated this situation somewhat for warserver by
introducing/modifying the cmdlevels to:
[...]
What's the difference between ADMIN and CTRL access levels?
-jason