fCraft Forums

Official fCraft server software forums
https://forum.fcraft.net/

[FIXED] /BanIP bans untouchable players

https://forum.fcraft.net/viewtopic.php?t=3842

Page 1 of 1

[FIXED] /BanIP bans untouchable players

Posted: September 1st, 2012, 6:37 pm
by Hellenion
Once a player gets the BanIP permission, any limit on their banning capabilities is nullified, since they can simply ban the IP address of any player, including, for example, the Owner's IP.

When banning an IP address, any players on that IP address that you should not be able to affect must get a ban exemption. Likewise with /Banall

Re: /BanIP bans untouchable players

Posted: September 1st, 2012, 10:34 pm
by fragmer
Since fCraft 0.600, there have been checks in place to prevent what you are describing. IPBanList.BanIP (/banip <ip>), IPBanList.BanAll (/banall <ip>), PlayerInfo.BanIP (/banip <player>), and PlayerInfo.BanAll (/banall <player>) all perform this check.

If player who wrote the command does not have permission to ban ANYONE on the given IP address, the ban is denied.

Relevant bits of code (0.630_r1711):

Code: Select all

// IPBanList.BanIP - IPBanList.cs:280-285
// Check if any high-ranked players use this address
PlayerInfo infoWhomPlayerCantBan = PlayerDB.FindPlayers( targetAddress )
                                           .FirstOrDefault( info => !player.Can( Permission.Ban, info.Rank ) );
if( infoWhomPlayerCantBan != null ) {
    PlayerOpException.ThrowPermissionLimitIP( player, infoWhomPlayerCantBan, targetAddress );
}

Code: Select all

// IPBanList.BanAll - IPBanList.cs:430-435
// Check if any high-ranked players use this address
PlayerInfo[] allPlayersOnIP = PlayerDB.FindPlayers( targetAddress );
PlayerInfo infoWhomPlayerCantBan = allPlayersOnIP.FirstOrDefault( info => !player.Can( Permission.Ban, info.Rank ) );
if( infoWhomPlayerCantBan != null ) {
    PlayerOpException.ThrowPermissionLimitIP( player, infoWhomPlayerCantBan, targetAddress );
}

Code: Select all

// PlayerInfo.BanIP - PlayerInfo.Actions.cs:171-176
// Check if any high-ranked players use this address
PlayerInfo unbannable = PlayerDB.FindPlayers( address )
                                .FirstOrDefault( info => !player.Can( Permission.Ban, info.Rank ) );
if( unbannable != null ) {
    PlayerOpException.ThrowPermissionLimitIP( player, unbannable, address );
}

Code: Select all

// PlayerInfo.BanAll - PlayerInfo.Actions.cs:365-370
// Check if any high-ranked players use this address
PlayerInfo[] allPlayersOnIP = PlayerDB.FindPlayers( address );
PlayerInfo infoWhomPlayerCantBan = allPlayersOnIP.FirstOrDefault( info => !player.Can( Permission.Ban, info.Rank ) );
if( infoWhomPlayerCantBan != null ) {
    PlayerOpException.ThrowPermissionLimitIP( player, infoWhomPlayerCantBan, address );
}
All times are UTC
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited