[309] in Coldmud discussion meeting

more arguing about log()

daemon@ATHENA.MIT.EDU (Mon May 23 22:29:22 1994 )

From: deforest@netcom.com (Robert de Forest)
To: coldstuff@MIT.EDU
Date: Mon, 23 May 1994 19:15:12 -0700 (PDT)

If all calls to $sys.eval, $sys.compile, and all methods on $sys which
 modify ,admins are logged, then Ray/Ashs senario is invalid. The time
 of modifying $sys.log and/or $sys,admins will be in the log.

Your scenarios all have human error on the part of the admins in them, too.
 I don't think you can justify time in log() based on that. I claim that
 the current version of the server can be made equally or more secure than
 MOO, which has been hacked once in Lambda's history (by Quinn). It has been
 lagged miserably by an unknown programmer, but that's a different kind of
 issue.

Incidentally, there may well be ways to hack adminship in-db in the World-6 or
 tCD cores. I would attribute this to operator error if this is the case.

Crag, always up for a nice, friendly argument. :)