Bug #217: Default server password - Doomsday Engine - Tracker

Bug #217

Default server password

Added by danij almost 20 years ago. Updated about 12 years ago.

Status:

Closed

Priority:

Normal

Assignee:

skyjake

Category:

Target version:

1.8.6

Start date:

2005-02-16

% Done:

100%

Description

Not really a bug but I think its important enough to be
treated as such.

Currently Doomsday is setup with a default net server
password. The problem is, I doubt anyone actually knows
to change it from the default before hosting a server
since this setting is "hidden" away in the console.

Obviously knowing the server password allows any remote
client to do a lot of funky stuff to the server and
kick other clients etc.

What I suggest is to make the server password appear
prominently in the server setup ui page and/or add a
random password gen mechanism to provide a bit of a
failsafe for unenlightened users.

Labels: Networking

History

#1 Updated by skyjake over 15 years ago

There's no default admin password in the 2.0 arch. Remote administration is only possible under specific circumstances (not by default).

Also available in: Atom PDF

Project

General

Profile

Doomsday Engine

Issues

Custom queries

Bug #217

Default server password

History

#1 Updated by skyjake over 15 years ago