Hi Philip, Thursday, April 6, 2006, 6:46:31 PM, you wrote:
PL> And you think you aren't able to execute system commands using metamod? PL> Anything which ends up being a binary can contain malicious code which PL> will then be executed. Yes, but all essential files (on our servers) are marked executable and customer may not overwrite it. PL> Rather than choosing a secure setup you may simply want to ban Metamod, PL> SourceMM and anything else which allows binary plugins from your PL> customers servers. With this plugin the following scenario is possible: Example scenario: -- 1. Upload a text file, like cpp or any other program. 2. Compile it with g++ or gcc or with any other compiler available in the system. 3. Run compiled program via the plugin system command. best regards, Adam Grzesko [EMAIL PROTECTED] _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
