On Sun, 10 Mar 2002, Mike Stilson wrote: > Because what would happen if thru a miracle of cut-n-paste in an email > while, or making a diff to post, or anything else you grab some more of > your code than intended. I'd *like* to dismiss this on the grounds that it's inane; that it'd be awfully stupid to mindlessly copy code and give it to untrusted parties. But I can't. I know, as well as anyone, that it dosen't take a stupid person to do something cataclysmically stupid. So this is a valid, if minor, point. Properly configured access limits to MySQL and care are enough to cover it, and there are similar gotchas to any other security model. Sometimes (usually) *you* are the weakest link. > What if *buf decided to go wandering off through memory sometime and > act() spits that out to a player? This can happen either way. In fact, it's maybe more likely when we're allocating the memory on the heap. > If only mudadmin can run it, then that's the only account to worry > about, and that's only needed to be known by a couple people. Okay, but if the coders can read the log files, then we're back to them being able to see the main database password. The point still stands. > Hopefully you notice these things in their code before you use their > changes. ...and hopefully you notice the password in the code you copy-and-paste before you send it off in an e-mail to someone. Unfortunately, hope is both antithetical to security and, at some point, required. -dak -- +---------------------------------------------------------------+ | FAQ: http://qsilver.queensu.ca/~fletchra/Circle/list-faq.html | | Archives: http://post.queensu.ca/listserv/wwwarch/circle.html | | Newbie List: http://groups.yahoo.com/group/circle-newbies/ | +---------------------------------------------------------------+
This archive was generated by hypermail 2b30 : 06/25/03 PDT