-- [ Picked text/plain from multipart/alternative ] So instead of fixing a problem, you're going to just hide from it? Can't that exact same 'exploit' still be used to triiger "fps_max 2" on clients? Can't that exact same exploit still trigger client commands?
No it's not acceptable to check cvars and kick offenders, for one because people will change variables after changign the server, and checking the value every few seconds is neither efficient, nor save, nor should it be needed. Players should not be required to know exactly which cvars we block, sure some of them have an exploit nature, but some are also blocked since they should have no place in competitive play. A player simply executing his config, or setting a competition blocked cvar to something else should not be kicked from the server. He should be prevented from changing said cvar. zBlock specifically supported the "restrict_server_commands" convariable as quite simply it's only fair. zBlock however can not function *properly*without any abbility of preventive protection. As a final question, in previous emails you've stated that you would also provide an interface that would not only allow plugins to query client variables, but also to effectively restrict certain convariables to set values, which would then not be saved into the config. While the need for this has been minor with the abbility of triggering client commands, it would certainly be something that's going to be needed if VALVe indeed intends to keep the abbility to trigger client commands 'removed'. Assuming that it will indeed remain removed, are there any plans to follow up on this instead (ofcourse preferably before this gets out of beta)? On 4/27/07, Alfred Reynolds <[EMAIL PROTECTED]> wrote: > > The convar was removed as we had no effective way to otherwise protect > it. Large numbers of servers were using exploits to set the value of > this cvar without the users permission. > > If you write a plugin that runs client commands and you believe you have > a command that won't let you exploit a users game process (i.e rebind > keys, kills them, etc) then mail me (offlist) the details and we can > talk about adding it to the allowed list. > > Zblock in particular can still function perfectly, they can use the API > we specially added for them to query CVAR values and then kick users > with cvars outside of their configuration ranges. > > - Alfred > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Dan E > Sent: Friday, April 27, 2007 8:45 AM > To: hlds@list.valvesoftware.com > Subject: RE: [hlds] RE: [hlds_linux] Source Engine Dedicated server beta > (cl_restrict_server_commands) > > Yes, I commend Valve for getting betas out now instead of having things > come > out broken. I've already tried to help by letting Alfred know about > some > issues with the new release. I'm just curious as to what the missing > cl_restrict... is about. > > Dan > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of NaughtyGeek > Sent: Friday, April 27, 2007 11:24 AM > To: hlds@list.valvesoftware.com > Subject: RE: [hlds] RE: [hlds_linux] Source Engine Dedicated server beta > (cl_restrict_server_commands) > > I'm really going to have to disagree with you on this one. We all jumped > up > and down and said we needed betas before releases and here we are with a > beta to test. Change is a necessary evil and most of the people here > seem to > have made assumptions with the information that was provided. The > cl_restrict.... may have been removed, but Alfred has yet to reply to > this > list stating if it's been replaced, revised or otherwise. Everyone seems > to > be eager to jump down Valve's throat without acknowledging the fact that > they are making an effort to work with us. Where's the big shout out to > Valve from you guys that were spamming this list after every update you > didn't get a beta for. We all know that updates will likely break things > and > it sucks to have to always find a new way to skin the same cat, but > that's > the way software works and most of you know that. > > Alfred, thanks from those of us who appreciate the steps you're making > at > trying to work with the community rather than against it. > > > > > -------------- Original message ---------------------- > From: "Keeper" <[EMAIL PROTECTED]> > > Plugin makers work hard to make plugins that help server operators as > well > > as bring some new fun into the game for players without having to > > redistribute a mod. Valve is falling over itself to keep us from doing > this. > > It's the community support and creativity that keep a game alive, and > they > > have never gotten this. > > > > I'll tell you this, when HL2DM dies for me, steam will disappear from > my > > computer for good. I will never buy another thing from them again. > Unless > > they change their outlook towards the existing community and put some > effort > > into supporting us. > > > > _______________________________________________ > To unsubscribe, edit your list preferences, or view the list archives, > please visit: > http://list.valvesoftware.com/mailman/listinfo/hlds > > > _______________________________________________ > To unsubscribe, edit your list preferences, or view the list archives, > please visit: > http://list.valvesoftware.com/mailman/listinfo/hlds > > _______________________________________________ > To unsubscribe, edit your list preferences, or view the list archives, > please visit: > http://list.valvesoftware.com/mailman/listinfo/hlds > -- ___________________________ Wim 'TheUnknownFactor' Barelds [EMAIL PROTECTED] -- _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds