[quote="}TCP{Wolf"]There is an alternate way to fix all your "client side exploits which may overwrite files". It is also quite a simple one I have started to use on ALL my applications I use on the internet, such as browsers, or other games I play online.[/quote] That doesn't fix the exploit itself. And depending on the exact system (environment) you run Unreal in, you might be able to do a great deal of damage. [quote]Just run the game as normal user, or guest.[/quote] You think I'd allow X, which is insecure enough by itself, access to guests and/or random lusers? [quote]By default (at least up to XP to my knowledge), users in the normal user group and guests have no permission to modify existing files, except in their own Documents folder and files elsewhere which they created/own. As a result, by playing Unreal as a guest/normal user you automatically gain immunity to all mods trying to tamper with your EXISTING files, while map downloads are still possible - provided the game was originally installed under an admin account, of course. This also makes your user.ini / unreal.ini appear as "write protected" so all changes done to it during the game while be forgotten upon exit. Downloaded files are put into your cache as normal, you might just notice the file owner of those files in your cache is then your non-admin account, of course.[/quote] Ah, but not everyone runs windoze. Besides, you'd have to have superluser access to the machine, create an account, make the profile effectively read-only -- which is, afaik, plain impossible w/ windoze --, and generally be paranoid about running a program which I hold dear. I never install monolithc games as the superluser. Always under me own account. If I then feel the need to "install" something globally, it goes into /data/games, owned, not-so-coincidentally, by luser games. You'd have to seperate all writable parts, destroy and regenerate them on every invocation. Okay, you can write a script to do that, but can you honestly expect the average luser to undertake such an effort in these dark times? [quote]This solution requires you using NTFS and at least 2 user accounts, knowing how to "Run As..." while logged in as someone else helps too.[/quote] Nah, ffs works just fine, as does any UNIX file system (although ext? shit is async, no matter what mount options you specify; it's hence prone to -- more or less silent -- data corruption). [quote]It works with -ALL- applications there will ever be, except maybe such which may absolutely refuse to run inside non-admin accounts[/quote] Sure. Just keep dreaming on :^) Windoze lusers can be so pathetic. [quote](but if a game refuses to run as non-admin I would find that highly suspicious).[/quote] That's the one thing in your post that I'm able to agree with. [quote]It requires no installation of any additional or modified files.[/quote] Not in Unreal, no. But it's a half-assed workaround -- not a solution! -- that _does_ require quite a bit of work on the rest of the system. Including the installation of "additional or modified" files. [quote]For some games it may be advantageous to actually allow the non-admin to modify ini files such as your user.ini or the cache.ini - but you will have to decide that yourself and modify permissions on a case by case basis individually.[/quote] I just keep a dedicated ~/games/Unreal/ tree and symlink all the content in from the relevant dir on /data/games/. [quote] [b]Hints[/b] If you are unsure if you created and configured your non-admin user account correctly, start NOTEPAD (or any other text editor) as non-admin, and try to edit your Unreal.ini. If that is allowed (by default), you made a mistake somewhere. As a second test, see if you can CREATE a file (as non-admin) inside Unreal and edit that! This should be allowed so map downloads function properly. [/quote] [code] % NOTEPAD zsh: command not found: NOTEPAD % [/code] [quote] If you implement this solution properly, it would still be possible to clutter up your harddrive with garbage files theoretically, but all your existing files are perfectly protected - except the 2 or 3 ini files you allowed to be modified, perhaps, but you can backup those.[/quote] My "harddrive" -- I think you made a little tyop there -- doesn't contain the ~/games/ tree. That's all on the file server. Besides, I always create filesystems for all of the avail space when adding disks (except usually some initial slab of, say, 512M, for use in emergencies). So it's a bit difficult to fill up any "harddrives" that way :^) Well, uhm, now I've answered a long, battered list of cli^W^W^W^W^Wall that -- what was your actual point?