> 1. You make it seem like a bug; it's not.
If you prefer to call it something other than a bug, that's fine
with me. The point is people need to be informed of it because
a significant portion might want to change it.
> It's not even a logical error.
> It's clear that when switched into another player, you _become_ that
> player. Did you know that you could also get that player killed? Or as
> that player tell someone something that that player did not actually say,
> though make it sound like they did? Or listen to other people perhaps tell
> you things that are private?
If you get the player killed it affects the player. If you forge things
from a player if affects the person behind the player. See my point?
> 2. In the beginning, since you thought it was a bug, you seemed to be
> asking for it to be fixed in future versions of Circle.
In the beggining I didn't call it a bug. I said it was sort of a bug.
However, you may call it anything you like.
> Perhaps it's not that we're taking offense at your suggestion, but rather
> in the way that you're suggesting it:
Perhaps I was taking offense at the "heavy-handed, arrogant" methods
I percieved being used by those who responded to me. It goes both
ways.
> 3. Your heavy-handed, arrogant method of describing this whole "security
> flaw" prompted strong reactions in others.
When did I call it a security flaw? Don't put it in quotes then. :)
I am amazed that you can call a simple declarative sentence without
any loaded adjectives or such a heavy-handed, arrogant method of
describing the whole situation.
> You list it as a "fact" that
> it's a bug -- in fact, the entire thing with being able to switch into
> other players is one huge security hole and anyone choosing to use it had
> already better have a damn good reason for using it. It's not just
> limited to mail. You tell other people "Fix it" -- before you so
> graciously say "fix it or no, I don't care".
I said it should be fixed. Sorry if that sounded like an order to fix
it. I apologize if I sounded commanding but I didn't feel such a simple
matter deserved a lot of time. I typed out a short sentence explaining
the matter and it's importance. I apologize if it was too simple and
to the point.
> 4. If, in fact, you had simply alerted others to a possible security hole
> individually, you would probably have been met with much less emphatic
> of a response. Instead, you listed it as a universal problem, and as
> such people found reason to disagree with you.
Uhhh... alerted others individually? Do you mean send an individual
e-mail to everyone on the whole list instead of just sending it to
the list? I'm sorry if you find your arguments against me lacking,
but I've only claimed a very simple thing: the behavior of the switch
command requires fixing. If you got anything else out of it then it
was unintended.
> On a written medium such as the Internet, it's best to get everything you
> mean to say right the first time, or expect to be called on portions of
> it that make no sense to the people you're writing to.
This is ironic considering I said exactly what I meant the first time.
On the Internet we have these things called archives and it's best
to consult them.
+------------------------------------------------------------+
| Ensure that you have read the CircleMUD Mailing List FAQ: |
| http://democracy.queensu.ca/~fletcher/Circle/list-faq.html |
+------------------------------------------------------------+
This archive was generated by hypermail 2b30 : 12/08/00 PST