Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fixes maintainer access to the profiler and clears profiler access whenever admins are loaded. #7909

Merged
merged 7 commits into from
Jan 13, 2025
Merged

Fixes maintainer access to the profiler and clears profiler access whenever admins are loaded. #7909

merged 7 commits into from
Jan 13, 2025

Conversation

Watermelon914
Copy link
Contributor

@Watermelon914 Watermelon914 commented Dec 25, 2024
edited
Loading

About the pull request

As explained by the title.

Explain why it's good for the game

Prevents a vulnerability where someone who previously had access to the profiler retains access despite no longer requiring it.

No player facing change so changelog not needed

@Watermelon914 Watermelon914 mentioned this pull request Dec 25, 2024
Closed
@cmss13-ci cmss13-ci bot added the Missing Changelog Maintainers always document their changes. label Dec 25, 2024
@Watermelon914 Watermelon914 added Fix Fix one bug, make ten more and removed Missing Changelog Maintainers always document their changes. labels Dec 25, 2024
@cmss13-ci cmss13-ci bot added the Missing Changelog Maintainers always document their changes. label Dec 25, 2024
cm13-github added a commit that referenced this pull request Dec 25, 2024
@cm13-github
TGS Test Merge (#7909)
3fee7d7
cm13-github added a commit that referenced this pull request Dec 25, 2024
@cm13-github
TGS Test Merge (#7909)
acb1754
cm13-github added a commit that referenced this pull request Dec 25, 2024
@cm13-github
TGS Test Merge (#7909)
d98c34c
cm13-github added a commit that referenced this pull request Dec 25, 2024
@cm13-github
TGS Test Merge (#7909)
1796b1f
This was referenced Dec 26, 2024
Open
Closed
Closed
Drulikar
Drulikar requested changes Dec 26, 2024
View reviewed changes
Copy link
Contributor

@Drulikar Drulikar left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I do not understand why on event server this works (after a reconnect - not first connect); but not on live (even with reconnects). I can confirm for both servers the cfg/admin.txt is assigned to be some_ckey role=admin for only those who have connected this round, and the perms for the file are the same for both servers.

But the aspect of requiring a reconnect is wonky as is. So try setting up the admin.txt during init (e.g. after load_admin_ranks) rather than on associate?

@Drulikar Drulikar marked this pull request as draft December 26, 2024 20:14
@cm13-issue-bot cm13-issue-bot mentioned this pull request Dec 26, 2024
Open
@Watermelon914
Copy link
Contributor Author

I do not understand why on event server this works (after a reconnect - not first connect); but not on live (even with reconnects). I can confirm for both servers the cfg/admin.txt is assigned to be some_ckey role=admin for only those who have connected this round, and the perms for the file are the same for both servers.

But the aspect of requiring a reconnect is wonky as is. So try setting up the admin.txt during init (e.g. after load_admin_ranks) rather than on associate?

I was doing testing with harryob, and the admin.txt was getting populated with ckeys. The problem isn't related to code, it's related to the cm-live server and it's unclear what might be causing it. In any case, this PR is still useful to merge since it clears up a potential vulnerability where people stay in the admin.txt despite probably not being an admin anymore.

@cm13-issue-bot cm13-issue-bot mentioned this pull request Dec 27, 2024
Open
cm13-github added a commit that referenced this pull request Dec 27, 2024
@cm13-github
TGS Test Merge (#7909)
383430b
This was referenced Dec 27, 2024
Closed
Closed
cm13-github added a commit that referenced this pull request Dec 27, 2024
@cm13-github
TGS Test Merge (#7909)
a9cf9b6
cm13-github added a commit that referenced this pull request Dec 27, 2024
@cm13-github
TGS Test Merge (#7909)
5c48922
@Watermelon914 Watermelon914 marked this pull request as ready for review December 28, 2024 17:04
cm13-github added a commit that referenced this pull request Jan 7, 2025
@cm13-github
TGS Test Merge (#7909)
df84e4d
cm13-github added a commit that referenced this pull request Jan 7, 2025
@cm13-github
TGS Test Merge (#7909)
c5aa848
@cm13-issue-bot cm13-issue-bot mentioned this pull request Jan 7, 2025
Closed
cm13-github added a commit that referenced this pull request Jan 7, 2025
@cm13-github
TGS Test Merge (#7909)
4e85ff4
@cm13-issue-bot cm13-issue-bot mentioned this pull request Jan 7, 2025
Closed
cm13-github added a commit that referenced this pull request Jan 7, 2025
@cm13-github
TGS Test Merge (#7909)
1b1daf0
@cm13-issue-bot cm13-issue-bot mentioned this pull request Jan 7, 2025
Closed
cm13-github added a commit that referenced this pull request Jan 7, 2025
@cm13-github
TGS Test Merge (#7909)
0b6d82a
cm13-github added a commit that referenced this pull request Jan 7, 2025
@cm13-github
TGS Test Merge (#7909)
613c4f4
@MistChristmas MistChristmas mentioned this pull request Jan 7, 2025
Open
3 tasks
This was referenced Jan 7, 2025
Open
Closed
@MistChristmas MistChristmas mentioned this pull request Jan 7, 2025
Closed
3 tasks
@cm13-issue-bot cm13-issue-bot mentioned this pull request Jan 7, 2025
Open
cm13-github added a commit that referenced this pull request Jan 8, 2025
@cm13-github
TGS Test Merge (#7909)
d4b4938
@TheManWithNoHands TheManWithNoHands mentioned this pull request Jan 8, 2025
Open
3 tasks
@cm13-issue-bot cm13-issue-bot mentioned this pull request Jan 8, 2025
Closed
cm13-github added a commit that referenced this pull request Jan 8, 2025
@cm13-github
TGS Test Merge (#7909)
c1f3b00
@cm13-issue-bot cm13-issue-bot mentioned this pull request Jan 8, 2025
Closed
cm13-github added a commit that referenced this pull request Jan 8, 2025
@cm13-github
TGS Test Merge (#7909)
7c9217c
@cm13-issue-bot cm13-issue-bot mentioned this pull request Jan 8, 2025
Closed
@MistChristmas MistChristmas mentioned this pull request Jan 9, 2025
Closed
3 tasks
@Paperybirch Paperybirch mentioned this pull request Jan 10, 2025
Open
3 tasks
@cm13-issue-bot cm13-issue-bot mentioned this pull request Jan 10, 2025
Closed
cm13-github added a commit that referenced this pull request Jan 10, 2025
@cm13-github
TGS Test Merge (#7909)
785407f
This was referenced Jan 10, 2025
Open
Open
@hry-gh hry-gh added this pull request to the merge queue Jan 13, 2025
Merged via the queue into cmss13-devs:master with commit 31a3b39 Jan 13, 2025
29 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Drulikar Drulikar Drulikar requested changes

Assignees
No one assigned
Labels
Fix Fix one bug, make ten more Missing Changelog Maintainers always document their changes.
Projects
Review Backlog
Archived in project
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@Watermelon914 @Drulikar @hry-gh