[Bug 3767] Some protection from malicious qvms

bugzilla-daemon at icculus.org bugzilla-daemon at icculus.org
Wed Sep 3 15:33:35 EDT 2008


------- Comment #3 from bugzilla at benmachine.co.uk  2008-09-03 15:33 EDT -------
I think it may still be possible to set variables by using trap_Cvar_Register
to add the CVAR_USER_CREATED flag, then calling it again with CVAR_ROM.
Also, although it's rarer for servers to run untrusted QVMs, the possibility
should probably be addressed.

I will address both these issues in a new patch sometime later.

Configure bugmail: http://bugzilla.icculus.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug, or are watching the QA contact.

More information about the quake3-bugzilla mailing list