08-07-2012, 06:20 PM   #20
camlorn
Member
 
Join Date: Aug 2011
Posts: 144
Re: Cyber-Attack on Atonement (warning)

Here's my thought on shell access: With current mudding technologies, it's almost necessary.

We do have lpmud which doesn't, and a few others, but anyone who's going to do anything beyond building will for the most part need shell access (I discount lpmud in this argument because I can just write malicious utilities myself, there, and get them run--in lpmud, even builders are coders). There's currently no way around this, not really, anyway--you can use version control, which imho is a good thing and more mud admins should use it, but shell access is still needed for the compilation (kind of--some versioning utilities will rebuild the mud).

But this doesn't matter. As soon as you give someone source-code-level access in any form, they can code anything they want to do; with C, this includes executing commands with the same privileges as the mud. Even builders nowadays have really powerful tools--a builder can't delete the source code (Or can they? I'm sure there's a hack somewhere), but they can wreck players if they want in a lot of these codebases. For once, the limited mobprogs of diku get a positive mention for not really allowing this easily...I can't do "player.maxHp = 1", for example, on a diku.

Essentially: I wouldn't give shell access to pr/rule enforcement unless they're also coders but most others will be able to do damage anyway (still, not giving it to people who don't need it is good--you might or might not limit the damage that way); I agree with snowtroll about trust, but see no reason to believe Atonement RPI didn't take necessary precautions.

The real problem with this, and I suspect where most of the I'm someguy123 coders come in, is for new projects. If I don't want to do everything myself, I need immortals, both builders and coders, and for many projects there's no game to make a potential coder play on first. For new projects, I personally think either code it yourself/with friends, or take nightly backups, keep logs of what people do, and hope for the best.

So, to sound hypocritical, I don't think it was Atonement's "fault", or anything--I misread the conversation above and assumed they were looking for justification to let him play again (for which I have previously apologized), but he's right--we shouldn't criticize; they did nothing wrong to bring the attack upon themselves, unless there's internal politics that we aren't aware of (I don't play Atonement--I wouldn't know, and I don't think there is or anything). Atonement is an established game; there's no reason to believe they don't have a competent application process and screening and the like.

I understand that no one's mentioned Atonement as the target of his/her advice, but I can't tell myself if it's intended as criticism or not--everything that's been posted, however, will be helpful to someone who's new to mud development, so I really don't think that there's a point in arguing about it.