How is AuthMe "legal"?

Discussion in 'Bukkit Discussion' started by Bobcat00, May 18, 2014.

Thread Status:
Not open for further replies.
  1. Offline


    Just curious why AuthMe and AuthMe Reloaded are allowed on Bukkit Dev, given the following policy:

    EDIT: Fixed URL
  2. Offline


    Because it provides an extra security layer for Online mode servers.
    AuthMe makes the "my little brother played with my minecraft account on the server and got me banned!" statement impossible, since you are required to sign in with your extra password every time you join the server.
    CraftedShack likes this.
  3. Offline


    As a server owner, it's not my responsibility to secure peoples' clients; that's their problem.

    Regardless, everyone knows the purpose of AuthMe is "to provide support for or security to offline mode servers".
  4. Offline


    Simply because it can be for online servers. Although usually its not, it can be. (if that makes sense)
  5. Offline


    Usually might be an understatement here. According to mcstats, 97% of servers using auth-me are in online-mode=false.
  6. Offline


    He said that it can be used for online mode servers. While many don't, I'd also be willing to bet that a lot of people also use any other plugin in offline mode.
  7. Offline


    But I'm specifically referring to the wording of the Bukkit Dev policy: "Projects that are created to provide support for or security to offline mode servers will be denied unconditionally." Since AuthMe was created to provide security to offline mode servers, I don't understand how it can be an approved project.
  8. Offline


    Bobcat00 Because they do not state that they are offering it to offline servers.
  9. Offline


    If I remember correctly, AuthMe was created before that policy existed, so it doesn't apply to it, only to new projects.
  10. Offline


    I could remember there was a time where one of the rules said that you where allowed to post these kind of plugins but without the purpose of sponsering offline servers, these are not the correct words ive readed though but it whas smilliar forgive my bad english If ive misreaded that wrong though, but that is from a long time ago,.

    but anyways I don't think it would be 'illegal' considered if you remembered the session stealing exploit this came actually pretty in handy to protect your servers for that, but also some people still use it just as a extra layer of protection while their server is just running in online mode also I don't read any word named 'offline' on the dbo of that plugin, because I think the people are just miss using it instead of realize that it is for protection:p
    justcool393 likes this.
  11. Offline


    Heh... I love people's reactions when they expect me to buy that and I don't.
  12. An extra auth layer is used by some servers for "hard reasons", so i think such a plugin could also be allowed with newer guidelines.

    Maybe there are parts of the code extra for offline mode servers, but such is also the case with uuid-services, e.g. to be able to prevent certain features such as database-updating if a server is in offline mode.

    Remembering that auth-exploit.... servers with this plugin were affected much?
  13. Offline


    Maybe a plugin like AuthMe should only be allowed on BukkitDev if it checks getOnlineMode().
  14. For testability and also against accidents it would make sense to not disallow running in offline mode as well, though. With many hosters online/offline-mode will just be one click.
    justcool393 likes this.
Thread Status:
Not open for further replies.

Share This Page