Security flaws in MS

[Joost]

Server-side check, anybody?

That's exactly my point. dumbass.

if i send a packet to the server triggering the giveaccess event procedure, how can the server figure out if thats dumb or not? Its in the game so it makes sense.

Server should check if person giving access has the proper authority.

Just like with walking, server should confirm the player is only moving once a sevond, to a nearby tile. Same with attacking. If server confirms EVERY packet possible, you can make your game open source, have no security at all and your game would be unhackable.