corny@linux /var/games/daimonin-client $ ln -s /home/corny/footest. client.log corny@linux /var/games/daimonin-client $ ln -s /home/corny/footest.p0 bmaps.p0 then started daimonin-client -> both overwritten seems to always create those files in /var/games/daimonin-client for me, but somebody should verify that. It also logs the password in plaintext in the logfile when creating a new character, nothing serious but maybe one could fix that on the fly.
Confirmed in daimonin-client-0.96.6_beta3, this version is currently not stable on any security supported architecture so no glsa is nescessary, however this issue should be fixed before being marked stable.
please provide a fixed ebuild, thanks
Hi, Some news here ? Is there an upstream update available ?
It's been package masked.
package was never stable, so we wont need a masking GLSA. keeping bug open as enhancement.
Games, do you want to keep this masked or should it be removed?
# Michael Sterrett <mr_bones_@gentoo.org> (02 Apr 2006) # masked pending unresolved security issues #122845 games-rpg/daimonin-client About time to die?
No, it's still being actively developed. Someone will fix it eventually.
Have we contacted the developers already? Maybe it's an good idea to let them know.
According to happypenguin there has been an update. Maybe it's time to re-evaluate? http://happypenguin.org/news/
Yes, beta 4 is officially running on their servers now.
0.9.7 writes to ~/.daimonin/
What is the reason it's still hardmasked?
(In reply to comment #13) > What is the reason it's still hardmasked? unmasked
the security issue is now solved, so I guess we can close this one. Feel free to reopen if you disagree.