Anope IRC Services

Please login or register.

Login with username, password and session length
Advanced search  

News:

Pages: [1]   Go Down

Author Topic: big bug at Operserv at 1.7.18  (Read 2466 times)

0 Members and 1 Guest are viewing this topic.

seraphim

  • Guest
big bug at Operserv at 1.7.18
« on: August 12, 2007, 06:15:18 PM »

There is a big bug at 1.7.18!

i´m Services Operator, and i can use and see the same as root admin!

at 1.7.19 it isn´t like this, but the network owner got a few weeks ago 1.7.18 and there was no such bug.

[Bearbeitet am 12-8-2007 von seraphim]
Logged

katsklaw

  • Guest
(No subject)
« Reply #1 on: August 12, 2007, 07:54:00 PM »

On 1.7.19 IRCops can see the modlist, that is intended behaviour, check the help. I do see that os modinfo is a root command and IRCops can use that. This is either an error in the help system as to whom has access or it is indeed a bug. It's not some huge security violation though as modinfo doesn't really reveil any damaging information about anything. it simply gives the module version, author and added commands.

HOWEVER, only root has access to admin add, modload and unload. Admins have access to everything else, this is also intended behaviour, not a bug.

In anope-svn there are some changes to what oper level can access which commands. This is part of some restructuring.


[14.49.54] -OperServ- Module: m_flood Version: 1.0 Author: Certus loaded: Aug 12 14:32:27 2007 EDT
[14.49.54] -OperServ- Providing IRCD handler for: PRIVMSG


If you are uncomfortable with the default layout you are welcome to use my os_access_levels module which alls you to define who can do what including the ability to disable individual commands completely

The module is located on the module site: here
Logged
Pages: [1]   Go Up