Hi > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Marcel > Sent: Friday, September 23, 2005 4:07 PM > To: hlds_linux@list.valvesoftware.com > Subject: RE: [hlds_linux] RE: Mandatory Source engine update > later today... > > And you are one of the people who start crying first when > their customers upload nasty scripts and run them via this > absolutely crazy and simple way. nope since i dont know how to secure a system. it seems that u dont have a clue. :) also if valve limits such a setting to command line, there is no security hole by concept. except a "guy" like u would allow customers to edit start scripts. guess u allow shell access, eh?!
> You can run many evil scripts without root privileges. jeez, never knew that. holy PEEEP ... how the hell i kept my systems secure the past 2 decades... nobody knows... scnr Simon > > | -----Original Message----- > | From: [EMAIL PROTECTED] [mailto:hlds_linux- > | [EMAIL PROTECTED] On Behalf Of Martin Zwickel > | Sent: Friday, September 23, 2005 4:00 PM > | To: hlds_linux@list.valvesoftware.com > | Cc: [EMAIL PROTECTED] > | Subject: Re: [hlds_linux] RE: Mandatory Source engine update later > | today... > | > | On Fri, 23 Sep 2005 15:41:29 +0200 > | "Marcel" <[EMAIL PROTECTED]> bubbled: > | > | > Hi, > | > > | > Holy shit - that would be such a huge security problem! > | > | Erhm, why? The script gets started by the hlds server with the same > | uid/gid. No one else could start it as a client. > | > | > Please don't to that! > | > > | > Instead another method to find out if an update is > released would be > | > great - something you can easily do with a shell script (like > | > downloading a webpage and "scan" for a message or sth.). > | > | Well, I hate that kind of method. The hlds server is the one that > | already knows about an update in (I think) nearly realtime. So it > | would cost extra processor cycles to check a HTML site > every 5 minutes > | or so ... > | > | -- > | MyExcuse: > | kernel panic: write-only-memory (/dev/wom0) capacity exceeded. > | > | Martin Zwickel <[EMAIL PROTECTED]> Research & > Development > | > | TechnoTrend AG <http://www.technotrend.de> > | > | _______________________________________________ > | To unsubscribe, edit your list preferences, or view the > list archives, > | please visit: > | http://list.valvesoftware.com/mailman/listinfo/hlds_linux > > > _______________________________________________ > To unsubscribe, edit your list preferences, or view the list > archives, please visit: > http://list.valvesoftware.com/mailman/listinfo/hlds_linux > _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux