They asked if the code was airtight. “I don’t see anything I want to flag.”
And I saw right through that my friend :D
As I said in my reply to Taleuntum, I left the weakness as a test to find someone I could trust to find sneakier weaknesses. Of you three who saw the code, only Lanrian reported. “I don’t see anything I want to flag.” That’s cute. To be more accurate, I wasn’t sure you were hiding a security flaw, but I didn’t have to be sure since either way meant I couldn’t entrust you with the task. And the wording left me thinking you were hiding a security flaw with 80% credence. I thought about asking “Did you see anything worth flagging?”, but decided against it.
Later, lsusr told me that that line would get me disqualified. I didn’t say anything, in the hopes some clique member would wonder what it was for, include it in their bot just in case, and get disqualified.
I feel a little bad about all this, and hope Vanilla_cabs has no hard feelings.
Not at all, I just feel like I’ve dodged a big bullet. How come that line would get someone disqualified? Has lsusr been more specific?
Eventually we just settled on “the exact line foo = ‘bar’ is permitted as an exception”, and I didn’t see what I could do with that.
Later, lsusr told me that that line would get me disqualified. I didn’t say anything, in the hopes some clique member would wonder what it was for, include it in their bot just in case, and get disqualified.
I thought it would be harmless and that there was some chance (even though it would make more sense to read some codeword directly from the payload) that someone would be using it as a recognition signal to boost a chosen clique member’s bot using a non clique member’s bot.
Is it really disqualifiable? I am not using foo for anything else other than setting it.
The parent comment comes from a private conversation between me and philh in which I conveyed erroneous information. The mistake is my fault—not philh’s. A line such as foo = 'bar' is legal in some contexts. A line which uses the global namespace to preserve information between class instances is illegal.
Disqualifying players for things they obviously wouldn’t do if they knew the rules of the game seems pretty cruel. I hope isusr just deletes that line for you.
Setting constants into the global state of your own file is fine. What I care about is whether you’re setting variables into the global state for the purpose of preserving information between bot instantiations or otherwise messing with the game engine. simon’s bot clearly does neither.
I confess I’m a bit confused, I thought in our PM conversation I was fairly explicit that that’s what I was asking about, and you were fairly explicit that it was forbidden?
It’s not a big deal—even if this was forbidden I’d think it would be totally fine not to disqualify simon, and I still don’t actually expect it to have been useful for me.
In my private conversation with you (philh) I stated “Writing variables to the global namespace is forbidden.” I then doubled down on the error by stating “Yes. All data must be saved in a class instance.”
I apologize for the error. What I should have written was that using the global namespace to get around information restrictions is illegal but that writing constants to your module’s global namespace in a way that does not evade information restrictions is fine.
And I saw right through that my friend :D
As I said in my reply to Taleuntum, I left the weakness as a test to find someone I could trust to find sneakier weaknesses. Of you three who saw the code, only Lanrian reported.
“I don’t see anything I want to flag.” That’s cute.To be more accurate, I wasn’t sure you were hiding a security flaw, but I didn’t have to be sure since either way meant I couldn’t entrust you with the task. And the wording left me thinking you were hiding a security flaw with 80% credence. I thought about asking “Did you see anything worth flagging?”, but decided against it.Not at all, I just feel like I’ve dodged a big bullet. How come that line would get someone disqualified? Has lsusr been more specific?
Well played!
I fell for
I thought it would be harmless and that there was some chance (even though it would make more sense to read some codeword directly from the payload) that someone would be using it as a recognition signal to boost a chosen clique member’s bot using a non clique member’s bot.
Is it really disqualifiable? I am not using foo for anything else other than setting it.
Putting data in global state is forbidden, yeah, even if you don’t do anything with it. I was a bit surprised.
Just to be clear, this would only be forbidden if you put it at the top level. If you put it in your class it would be fine. So
The parent comment comes from a private conversation between me and philh in which I conveyed erroneous information. The mistake is my fault—not philh’s. A line such as
foo = 'bar'is legal in some contexts. A line which uses the global namespace to preserve information between class instances is illegal.Yeah, I put it in at top level.
Disqualifying players for things they obviously wouldn’t do if they knew the rules of the game seems pretty cruel. I hope isusr just deletes that line for you.
simon will not be disqualified.
Thanks!
Setting constants into the global state of your own file is fine. What I care about is whether you’re setting variables into the global state for the purpose of preserving information between bot instantiations or otherwise messing with the game engine. simon’s bot clearly does neither.
I confess I’m a bit confused, I thought in our PM conversation I was fairly explicit that that’s what I was asking about, and you were fairly explicit that it was forbidden?
It’s not a big deal—even if this was forbidden I’d think it would be totally fine not to disqualify simon, and I still don’t actually expect it to have been useful for me.
In my private conversation with you (philh) I stated “Writing variables to the global namespace is forbidden.” I then doubled down on the error by stating “Yes. All data must be saved in a class instance.”
I apologize for the error. What I should have written was that using the global namespace to get around information restrictions is illegal but that writing constants to your module’s global namespace in a way that does not evade information restrictions is fine.