Bug #217
Default server password
Description
Not really a bug but I think its important enough to be
treated as such.
Currently Doomsday is setup with a default net server
password. The problem is, I doubt anyone actually knows
to change it from the default before hosting a server
since this setting is "hidden" away in the console.
Obviously knowing the server password allows any remote
client to do a lot of funky stuff to the server and
kick other clients etc.
What I suggest is to make the server password appear
prominently in the server setup ui page and/or add a
random password gen mechanism to provide a bit of a
failsafe for unenlightened users.
Labels: Networking
History
#1
Updated by skyjake almost 15 years ago
Updated by There's no default admin password in the 2.0 arch. Remote administration is only possible under specific circumstances (not by default).