24 Jul 97 14:43, Greg MacLellan wrote to Asher Densmore-Lynn:
 GM> if you're running door games that let you access dos, at ANY level,
 GM> you've got problems, no offence =)
Well, duh. d:
 AD>> (I'm a CoSys on a local Telegard board -- to prove a
 AD>> point, I created a filebase that pointed to his C:\
 AD>> directory. He thought that I couldn't get out of the TG
 GM> huh?? You created a filebase without him knowning, or you had access
 GM> to do so so you created one to access the c:\ dir?
I wasn't exactly SUPPOSED to have access -- my stats were inconsistent, 
though, and I broke through. He knew -- he was watching me do it.
 AD>> I'm pursuing the idea that even if -my- password is
 AD>> compromised, it doesn't matter.
 GM> you want it so someone can get into your account and still do nothing?
That's the idea.
 AD>> Once I get this system running, I don't really intend to -use- it
 AD>> myself -- I can handle new-user apps from GoldEd -- may even make
 AD>> some macros for validation...
 GM> what? you'll use golded to write/read messages? what's that about the
 GM> macros tho.. that doesn't really make sense. golded is an external
 GM> editor or a local editor.
I can macro GoldEd to fire Maximus, and I can stuff the command buffer with 
-j to validate a given user.
 AD>>  I might even delete my SysOp account from
 AD>> the Max user files -- nah, that'd be going too far.
 GM> Then all someone has to do is create an account using your sysop name
 GM> you have defined in max.ctl, and they'll get all your mail ;) good
 GM> idea.
Not if I put myself in BADUSER or whatever. d:
That'd be a first. SysOp not only locks himself out deliberately, but then 
twits himself.
Asher Densmore-Lynn 
... One wanton pointer, and you're in the soup!
--- Squish v1.11
---------------