Hi Philip, Thursday, April 6, 2006, 6:31:55 PM, you wrote:
PL> The problem is that it simply is not possible. A malicious user may PL> simply overwrite the Srcds binaries to execute any code he wants (hence PL> this "problem" is not only related to the srcds but any program out PL> there (if you do not chroot() it or run each server under their own user PL> account and make sure your system is patched)). PL> End of the story is that Valve cannot fix this "feature". No. You are wrong. You may block some file names not to be overrwriten by FTP like binaries that server runs or even block all executable files to be overwritten. So this way customers cannot upload own binaries. This is how we do it. But hence customers have free ftp access to other server files, to move administrative task to themselves, they are allowed to put any plugin they want. best regards, Adam Grzesko [EMAIL PROTECTED] _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
