But really, thank you for explanation. I will try to get more into this over time.
And just to be clear, even server sided .lua can be viewed/changed by client with appropriate equipment, right? Or just any information in client sided part of the script eg. “client.lua” is vulnerable?
And have mercy on me, I am a noob trying to learn all this from ground up
If I understand it correctly, if you make your config file part of the client load, it’s just as vulnerable. You would want to only include it serverside and then make calls from client every time you need something from it.
A slightly longer summary of the previous text or at least what I understood as a programmer to be done and the problem referred to in this post.
Correct me if I am wrong @ioerror
Hmm…what about things like score calculations. It’s a lot easier to have each client perform a score calc than forcing the server to perform processing for eeevery singggle player. But it’s definitely insecure…Would you say this kind of thing isn’t securable?
Love this guide by the way - A great brain shift on how to build secure apps!