Re: Lightmap performance drop
 

What commands are you trying to block? Rate can be controlled using sv_maxrate and fov can be blocked somehow. I don't remember exactly how to do that. Also, some commands send impulse values to the server.

Re: Lightmap performance drop
 

Here's the total so far...
I was reading on some forums about the admin "slowhack" plugin and all of the things it does. Theres some things I can tolerate but no one has the right to change my personal settings.
With protection in mind I set out to build a client-side utility to protect myself from potentially abusive admins ( also to test out a theory I had ).
A few hours later I had something that successfully hooked the client without needing a launcher application.
I developed a quick function which hooked the engine's pfnClientCmd function which would compare the passed string to those on a list.
If the command is blocked I'd have the client say something like "Potential client hijack attempt, command (blah) is protected".
And it worked, partially at least.
If I were to type the command into my console it was blocked fine, but if done through say amx_execclient the command gets executed anyway and my code isn't notified.

So, my great protection plan only works on one side and unfortunately its the wrong one.
I quickly opened up the quakeworld source and did a quick lookup on how those incoming functions were handled which brought me to that one linked-list and structure.

If I can get a pointer to that then hooking the commands directly should be no problem.
Just note that this is not a cheat in any way, shape or form.
If you want to see the source it is available to certain people on request.

Re: Lightmap performance drop
 

just thinking about this needs to be done for hl2 too against malicious admins. I read an article on www.steampowered.com forums, how admin`s have the rights to access disk root dir using ..\..\..\..\..\ in the console to overwrite important system files if they wanted.

Re: Lightmap performance drop
 

Well, who would ever want to compromise his own server ?

A multiplayer game service is insecure by nature. No good admin would run a game server on a tactically important machine. Who can attest there's no backdoor in one or several of your plugins ?

I think we should not make all that fuss about security for personal machines. Designing, coding, testing and validating hacker-proof code is a VERY boring and time-consuming task ; meanwhile all that time could be used to develop a lot of other cool things, such as improving code stability, implementing new features, etc.

If the game authors start to become paranoid about security, well it's a sad thing, because they will waste a lot of resources in it that will not be spent elsewhere.