(28 Jul 11, 06:10PM)Luc@s Wrote: Someone told me about this post, i thought i had to react.
First your access was supposed to be removed because you had no reason to contribute anymore. Also, giving access to the code implies to give access to confidential data so i had decided to remove your password.
I agree with this, I never said it shouldn't have been removed.
(28 Jul 11, 06:10PM)Luc@s Wrote: The problem is you stole and published (even if they were commented they were still public) informations about the database which were stored in a hidden file for good reasons. It was a real security issue and also i don't like the fact you have knowledge of my databases passwords and users. You have modified the source when you wouldn't have been able to and you have caused a serious problem.
I don't care about how you'd like to name that - hacking or not - actually it's serious and i had to changed all passwords of my database.
I reinforced the security of my server and removed the user name and password you used to modify the code.
"Published"? you can't be serious. First lets say the chance of somebody looking at the source, literally 0.
Then lets say they happen to realise what the random bit of commented out 'jibberish' is, literally 0.
I was modifying the source because you left and they came and asked me? Why didn't they just email you?
What serious problem? If you've had any intrusions because of it please list them, because other than a minor incontinent task of you having to change your password. So no actual problems were caused.
I don't care that you removed the access, because I never wanted to access it other than to help your friends who asked me..
(28 Jul 11, 06:10PM)Luc@s Wrote: I decided to disqualify you from ACWC because i just had to do something, and it was the most appropriate sanction imo. I also have blacklisted you from http://acwc.us.to/ because i think you should stay away from the web site for security reasons. You have knowledge of the source code and, despite your help, i don't trust you anymore.
Stay away for security reasons? All I wanted to do was participate...
(28 Jul 11, 06:10PM)Luc@s Wrote: I've been really disappointed by this problem, a few days after i handed over the reins and shared my VPS. I have even thought about stopping to share it actually. But it would have been a bad idea. I preferred to penalize only you.
How was I to know it was your VPS? Again, I have no reason to want to touch it other than to help. If I want VPS access I have 2 of my own... One of which I bought specifically to help you host acwc
(28 Jul 11, 06:10PM)Luc@s Wrote: PS : the modifications daylixx asked were not needed, there was just no link to the resource he wanted to access.
I never even spoke to daylixx, I talked to harrek and gave him all he asked...
(28 Jul 11, 06:10PM)Luc@s Wrote: PS 2 : i can tell there is no problem with the code, everything has been made to make it easy to use. This is just about laziness.
? They couldn't see the unapproved users from the admin panel of the site, which is why I looked at the database to check it. I told them how I "thought" you had been approving teams and how they should add them.
So all in all they should have emailed you instead of contacting me. I have been totally screwed over for trying to help out.