In the notes below the conduct policy, add this.
QuoteIf you inform the Owner or the development team of an exploit to access admin exclusive resources, you will be exempt from 1f and 1g.
In the notes below the conduct policy, add this.
QuoteIf you inform the Owner or the development team of an exploit to access admin exclusive resources, you will be exempt from 1f and 1g.
There is a clear difference between performing an exploit and reporting an exploit.
↩ characterslimits There is a fatal loophole with this. An OP could theoretically maliciously use a new exploit, then report it and theoretically get off punishment because they "reported" it. There should be no exemptions to the policy because its already common sense that if you know of an exploit that could be abused maliciously, you should tell the respective individuals (Developers/Owner).
↩ Alco_Rs11 yeah the only reason why the 1f rule has that exemption is because typically if someone has found a way to gain access to unauthorized material, it wont cause harm to the server as long as it isnt used. Like for example if i found someway to access SSH, and then reported it, that would exempt me from any punishment because i never actually used that SSH access to do anything, however if i actually used that access to, for example, add some random op to the admin list, i would still be punished even if i reported this afterwords. I know this because I myself have been under similar circumstances in the past
I think what the post means is if some exploit on TF is found, that could be used maliciously, is reported the user who found it should be exempt from 1g. The thing is, thats already the case so long the player in question doesn't report it and then immediately start utilizing it or was aware of its effects and was utilizing it before reporting it.
I could be completely wrong on my interpretation but thats my 2 cents.
My viewpoint on this goes something like this. If a player discovers an exploit in places like Minecraft, Spigot, or even something the server uses, reports it, and never uses it on the server again after that, they are granted an exception of the rule for that case only. If, however, they discover an exploit and then begin abusing it after initially reporting it, they lose the exception they had and can be sanctioned for it.
I'm leaning towards a vouch because I disagree with Ashaz. If you are messing around with NBT and find a new exploit, you wouldn't know that it was an exploit in the first place unless you accidentally used it.
I would think something like this:
QuoteIf the exploit is unheard of, unreported, or unknown to us, and you used it BUT reported the exploit to us, ("reporting" in this case meaning giving proper steps to be able to reproduce it), then you are free from consequences.
However, if the exploit is known, if it's still used after being reported, if the player refuses to report the exploit, then consequences are to be seen
This would give players who know exploits we are unaware of and abusing them a chance to redeem themselves by giving us the exploit, and how/why it works. While people who are just here to abuse exploits will get punished, since they refuse to cooperate.
I'm tired, so it's probably not explained the /best/, but I think people get the gist of it
↩ StevenNL2000 The idea I received from this thread was that if a player discovers an exploit, they can report it and become exempt from the rule. However, this creates a loophole as we don't know if the player actually discovered it themselves or just pretended to discover it.
Should now be addressed under the new community guidelines.