Playground Plus v1.0.11A fully functional and freely downloadable multi-user realtime elsewhere-too talk server for UNIX
Playground Plus v1.0.11 - why, what, when and how?
The following email was sent to the angel mailing list regarding Playground Plus v1.0.11's release.From: Silver <silver@ew....org> Date: Mon, 26 Mar 2001 17:33:49 +0100 (IST) Subject: [EW-List] Playground Plus 1.0.11 Well I never thought I'd say this but ... Playground Plus 1.0.11 has now been released. For those of you who have been following the library code and bugtrack, this will be nothing new. Those of you who haven't (of which thats near enough everyone, so it feels like) then this contains the following: * All fixes in the PG+ bugtrack (including IP Mask exploit) * Fix to idlemessage code * Update to the version 3.0 of dynatext which is totally different from previous versions to really piss people off - but is much better :o) * All process_output implementations hacked out and ekto's put in * Tagging for socials added * "stats_info" code added * -Wno-pointer-arith flag to suppress warnings from broken gcc added * Updated nonconn masks for well known talker lists You can download the update from http://pgplus.ewtoo.org as well as a complete archive. Unfortunately those who have implemented some of the fixes will have an slightly harder time updating and this is something that I wish could have been avoided (after all, why punish those who have actually worked on the code?). Right, now thats over some of you probably have several hundred questions and I'll try to explain. Firstly this isn't the start of maintenance of the PG+ code, think of it as an emergency last minute bug fix, nothing more, nothing less. I still believe everything I said in my original posting for v1.0.10, people do ride on the back of regular bug-fixes, don't bother to fix things for themselves and even when the fix is presented to them still don't bother to put it in. I've come across only a small selection of talkers that actually have coders who have looked in the bugtrack and implemented the stuff thats there. Looking at the access logs shows very few visitors and those that do, come from the same selection of sites. Which is a shame. Version 1.0.11 is because of several things. An amount of persuasion from members of the list was a small start followed by a number of well known exploitable bugs and cockups. However in the last week or so a small group of individuals (or maybe one individual I don't know) has been targeting new PG+ talkers using the IP masking exploit to harrass and annoy individuals and admins. As well as that they have been posing as myself and demanding access to the logs, code, hcadmin privs, claiming that the licence says that the coders of PG+ should get HCAdmin (which is **NOT** the case, check it for yourself) and a whole host of what could best be described as pathetic attempts which has ultimately lead to individuals having rather a poor impression of me and causing an large amount of headache for everyone involved. Of course, by doing this update I'm simply pandering to the lazy souls who do not understand that if someone takes the time and effort to release a patch for an exploit then its generally a good idea to implement it. You could easily claim that doing this update is based purely on self-interest and if the exploits didn't involve making me look crap then I'd have just said "well, its their fault for not fixing the stuff on the bugtrack" And you'd be right. So, the code is there. Any further exploits will go up on the bugtrack and it will still be the responsibility of the coders to update that code. It never fails to amaze me that many people have not even looked at the whole PG+ site. There is a HUGE faq there, a comprehensive selection of library code, a bugtrack and message board. Looking back on the usage of them, I wonder why I didn't just shove the code on an ftp site with one hyperlink. Of course, I'm probably preaching to the wrong people. After all, you're on the angel list, you know when fixes are released and I'd hope that you do implement them. The culprits are probably those who don't know about the list (although it is documented in at least two places) but I just need to let off some steam :o) Anyway, I'm off to slink back into obscurity again. Have fun. Silver ps. On a final point I'd like to thank all those who contributed fixes and code to the update. The majority of it isn't mine and so credit where credit is due to Lokie, Dakmuh, Blimey, ekto, Nick, Slaine, PeeKaBoo and Segtor. Many thanks guys. -- Silver has passed his "best before" date Logged in since : Mar 26 17:04 (ewtoo.org time) Email address : silver@ew....org (public) "I pretend to work. They pretend to pay me." _______________________________________________ EW-List mailing list EW-List@angel.ew....org http://gweezlebur.com/cgi-bin/mailman/listinfo/ew-list
Back to the main page