sourcemod icon indicating copy to clipboard operation
sourcemod copied to clipboard
verified publisher icon alliedmodders

Patch-up InternalFilterCommandTarget during connection phase.

Open KyleSanderson opened this issue 6 years ago • 3 comments

As a christmas gift to a peer I've finally looked at this problem. During the connection phase immunity rules are ignored and as a result a "lower level admin" can kick a "higher level admin" or queue a bunch of timers on them while they're still downloading the level. By adding these additional checks to InternalFilterCommandTarget I think we can fix this everywhere while not introducing any additional issues.

This is untested against master as my production gear is running an older version of core.

KyleSanderson avatar Dec 28 '18 06:12 KyleSanderson

The existing behaviour here is intentional, with this change you can't kick or ban someone spoofing a privileged user's SteamID.

asherkin avatar Dec 28 '18 10:12 asherkin

sm_rcon is the sudo of sourcemod. No matter what the user sets as their AuthID the user can always be removed by the console.

KyleSanderson avatar Dec 28 '18 17:12 KyleSanderson

@asherkin do you still feel the same way about this?

KyleSanderson avatar Apr 18 '21 23:04 KyleSanderson