Why do functions such as cvar.String and GetConVar not display the rcon when printed, but they display other cvars? Is there a way to fix this?
For security?
[QUOTE=rtm516;50437233]For security?[/QUOTE]
I don't really see how that makes it more secure, if someone had the access to put code in your files that printed the rcon, they could do a lot worse than having the rcon.
Yes but with workshop addons a server owner will unknowingly install something that when the author joins it prints the rcon pass
[QUOTE=rtm516;50437267]Yes but with workshop addons a server owner will unknowingly install something that when the author joins it prints the rcon pass[/QUOTE]
They could also use file.Read and http.Post to send the contents of any file, including the one with the password in..without having to join the server.
[QUOTE=Sweepyoface;50507697]They could also use file.Read and http.Post to send the contents of any file, including the one with the password in..without having to join the server.[/QUOTE]
Rekt
[QUOTE=Sweepyoface;50507697]They could also use file.Read and http.Post to send the contents of any file, including the one with the password in..without having to join the server.[/QUOTE]
Yea but who puts rcon pass in server.cfg anyway its all done by command line if you have any sense
[QUOTE=rtm516;50508720]Yea but who puts rcon pass in server.cfg anyway its all done by command line if you have any sense[/QUOTE]
They could also use file.Delete or any other hook to screw up your server, or use it to get your database password, the fact is if someone has access to your serverside lua printing the rcon password is the least of your worries, you shouldn't install addons you don't trust, or extract them and look them over first.
[QUOTE=rtm516;50508720]Yea but who puts rcon pass in server.cfg anyway its all done by command line if you have any sense[/QUOTE]
People actually still do this
[QUOTE=Sweepyoface;50508743]They could also use file.Delete or any other hook to screw up your server, or use it to get your database password, the fact is if someone has access to your serverside lua printing the rcon password is the least of your worries, you shouldn't install addons you don't trust, or extract them and look them over first.[/QUOTE]
unless they only keep that sensitive data in the servers memory
[QUOTE=Slowboi;50509435]unless they only keep that sensitive data in the servers memory[/QUOTE]
Still missing the point..
[QUOTE=Slowboi;50509435]unless they only keep that sensitive data in the servers memory[/QUOTE]
Implying that will stop it
Sorry, you need to Log In to post a reply to this thread.
