It is currently November 21st, 2018, 4:05 am


All times are UTC




Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 2 posts ] 
Author Message
 Post subject: [FIXED] /BanIP bans untouchable players
PostPosted: September 1st, 2012, 6:37 pm 
User avatar

Joined: October 20th, 2011, 9:20 am
Posts: 220
Location: Subnet
Once a player gets the BanIP permission, any limit on their banning capabilities is nullified, since they can simply ban the IP address of any player, including, for example, the Owner's IP.

When banning an IP address, any players on that IP address that you should not be able to affect must get a ban exemption. Likewise with /Banall

_________________
A = {x ∈ P(U) | x ∉ x}

Show
Mods:
  1. /Su - Allows players to temporarily become a different rank
  2. /Snap - Like /Line but only draws straight or diagonal lines.
  3. pre-0.630 skip/none block


Top
Offline Profile  
Reply with quote  
 Post subject: Re: /BanIP bans untouchable players
PostPosted: September 1st, 2012, 10:34 pm 
fCraft Developer
User avatar

Joined: May 21st, 2011, 10:53 pm
Posts: 1386
Since fCraft 0.600, there have been checks in place to prevent what you are describing. IPBanList.BanIP (/banip <ip>), IPBanList.BanAll (/banall <ip>), PlayerInfo.BanIP (/banip <player>), and PlayerInfo.BanAll (/banall <player>) all perform this check.

If player who wrote the command does not have permission to ban ANYONE on the given IP address, the ban is denied.

Relevant bits of code (0.630_r1711):
Code:
// IPBanList.BanIP - IPBanList.cs:280-285
// Check if any high-ranked players use this address
PlayerInfo infoWhomPlayerCantBan = PlayerDB.FindPlayers( targetAddress )
                                           .FirstOrDefault( info => !player.Can( Permission.Ban, info.Rank ) );
if( infoWhomPlayerCantBan != null ) {
    PlayerOpException.ThrowPermissionLimitIP( player, infoWhomPlayerCantBan, targetAddress );
}


Code:
// IPBanList.BanAll - IPBanList.cs:430-435
// Check if any high-ranked players use this address
PlayerInfo[] allPlayersOnIP = PlayerDB.FindPlayers( targetAddress );
PlayerInfo infoWhomPlayerCantBan = allPlayersOnIP.FirstOrDefault( info => !player.Can( Permission.Ban, info.Rank ) );
if( infoWhomPlayerCantBan != null ) {
    PlayerOpException.ThrowPermissionLimitIP( player, infoWhomPlayerCantBan, targetAddress );
}


Code:
// PlayerInfo.BanIP - PlayerInfo.Actions.cs:171-176
// Check if any high-ranked players use this address
PlayerInfo unbannable = PlayerDB.FindPlayers( address )
                                .FirstOrDefault( info => !player.Can( Permission.Ban, info.Rank ) );
if( unbannable != null ) {
    PlayerOpException.ThrowPermissionLimitIP( player, unbannable, address );
}


Code:
// PlayerInfo.BanAll - PlayerInfo.Actions.cs:365-370
// Check if any high-ranked players use this address
PlayerInfo[] allPlayersOnIP = PlayerDB.FindPlayers( address );
PlayerInfo infoWhomPlayerCantBan = allPlayersOnIP.FirstOrDefault( info => !player.Can( Permission.Ban, info.Rank ) );
if( infoWhomPlayerCantBan != null ) {
    PlayerOpException.ThrowPermissionLimitIP( player, infoWhomPlayerCantBan, address );
}


Top
Offline Profile  
Reply with quote  
Display posts from previous:  Sort by  
Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 2 posts ] 

All times are UTC


Who is online

Users browsing this forum: No registered users and 5 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum

Search for:
Jump to:  
cron
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group
Theme created StylerBB.net