Hi Chris, Thanks! That's true for the user number. What should I do? Encrypt it?
On Wed, Feb 27, 2013 at 5:02 AM, Chris Wong <chrisyco+haskell-c...@gmail.com > wrote: > > Hello everybody! > > I am very happy to announce the beta release [1] of Nomyx, the only game > > where You can change the rules. > > I just gave it a go -- it looks fun :) > > However, I've spotted a security hole. The current user number is > stored in the URL -- if I change that number, I can masquerade as > someone else! Is this behavior intended? > > > This is an implementation of a Nomic [2] game in Haskell (I believe the > > first complete implementation). In a Nomyx game you can change the rules > of > > the game itself while playing it. The players can submit new rules or > modify > > existing ones, thus completely changing the behaviour of the game through > > time. The rules are managed and interpreted by the computer. They must be > > written in the Nomyx language, which is a subset of Haskell. > > At the beginning, the initial rules are describing: > > - how to add new rules and change existing ones. For example a unanimity > > vote is necessary to have a new rule accepted. > > - how to win the game. For example you win the game if you have 5 rules > > accepted. > > But of course even that can be changed! > > > > Here is a video introduction and first tutorial of the game: > > http://vimeo.com/58265498 > > The game is running here: www.nomyx.net:8000/Nomyx > > I have set up a forum where players can learn about Nomyx and discuss the > > rules they intend to propose: www.nomyx.net/forum > > > > As this is the first beta release of the game, I'm looking for beta > testers > > :) Although I tested it quite a lot, I'm sure a lot of bugs remains, > > especially in multiplayer. > > So if you are interested in testing Nomyx, please go to this forum thread > > and we'll set up a small team to start a match! > > http://www.nomyx.net/forum/viewtopic.php?p=5 > > > > Comments/contributions are very highly welcome! There is still a lot to > do. > > As for now, the game is not completely securised. It is easy to break it > by > > submitting rules containing malicious code. I'm working on it. If you'd > like > > to do security testing, please do it locally on your own machine and > send me > > a bug report :). > > > > Cheers, > > Corentin > > > > [1] http://hackage.haskell.org/package/Nomyx > > [2] www.nomic.net > > > > _______________________________________________ > > Haskell-Cafe mailing list > > Haskell-Cafe@haskell.org > > http://www.haskell.org/mailman/listinfo/haskell-cafe > > >
_______________________________________________ Haskell-Cafe mailing list Haskell-Cafe@haskell.org http://www.haskell.org/mailman/listinfo/haskell-cafe