Possible security hole

[Edge100x]

[MiD]Arcticman-TPF- has just reminded me of an important potential security hole for all rented servers that run statsme. He notes that this line in statsme.cfg can cause a serious security risk:

// Set password for StatsMe Menu (no password disables menu)
sm_menupassword "root" // To display menu type as player in the console: statsme_menu root

If you have this line in your statsme.cfg file with the password "root", I recommend that you change that password immediately, to something difficult to guess. This is a widely exploited problem with the default configuration of statsme, and it can allow outsiders to do things on your server that you definitely wouldn't want!