24 Jul 97 14:43, Greg MacLellan wrote to Asher Densmore-Lynn:
GM> if you're running door games that let you access dos, at ANY level,
GM> you've got problems, no offence =)
Well, duh. d:
AD>> (I'm a CoSys on a local Telegard board -- to prove a
AD>> point, I created a filebase that pointed to his C:\
AD>> directory. He thought that I couldn't get out of the TG
GM> huh?? You created a filebase without him knowning, or you had access
GM> to do so so you created one to access the c:\ dir?
I wasn't exactly SUPPOSED to have access -- my stats were inconsistent,
though, and I broke through. He knew -- he was watching me do it.
AD>> I'm pursuing the idea that even if -my- password is
AD>> compromised, it doesn't matter.
GM> you want it so someone can get into your account and still do nothing?
That's the idea.
AD>> Once I get this system running, I don't really intend to -use- it
AD>> myself -- I can handle new-user apps from GoldEd -- may even make
AD>> some macros for validation...
GM> what? you'll use golded to write/read messages? what's that about the
GM> macros tho.. that doesn't really make sense. golded is an external
GM> editor or a local editor.
I can macro GoldEd to fire Maximus, and I can stuff the command buffer with
-j to validate a given user.
AD>> I might even delete my SysOp account from
AD>> the Max user files -- nah, that'd be going too far.
GM> Then all someone has to do is create an account using your sysop name
GM> you have defined in max.ctl, and they'll get all your mail ;) good
GM> idea.
Not if I put myself in BADUSER or whatever. d:
That'd be a first. SysOp not only locks himself out deliberately, but then
twits himself.
Asher Densmore-Lynn
... One wanton pointer, and you're in the soup!
--- Squish v1.11
---------------
* Origin: Phaenix Rampant, 'Uhm... I hit it again!' (1:130/115)
|