egghelp.org community Forum Index
[ egghelp.org home | forum home ]
egghelp.org community
Discussion of eggdrop bots, shell accounts and tcl scripts.
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

Security review

 
Post new topic   Reply to topic    egghelp.org community Forum Index -> Scripting Help
View previous topic :: View next topic  
Author Message
Nathema
Voice


Joined: 13 May 2009
Posts: 15
Location: The Netherlands

PostPosted: Thu May 28, 2009 3:58 am    Post subject: Security review Reply with quote

I decided this week to write my own public commands script. Now i know there are security issues involved.
Before the script got too bulky i want to have the security done good.

Can some of u review the security in my script?

EDIT: My script went public. See here: http://forum.egghelp.org/viewtopic.php?t=16913


Last edited by Nathema on Thu May 28, 2009 4:50 pm; edited 1 time in total
Back to top
View user's profile Send private message Send e-mail Visit poster's website
nml375
Revered One


Joined: 04 Aug 2006
Posts: 2857

PostPosted: Thu May 28, 2009 9:43 am    Post subject: Reply with quote

A first comment, none of the commands are safe in the concept that there is no password verification of any user. If you make a slight typo or mistake when adding new hostmasks, or let people use the ident-command from shared IP-pools, this could very well grant one malicious user access to sensitive commands.

Other than that, your code looks ok at a first glance.
_________________
NML_375, idling at #eggdrop@IrcNET
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    egghelp.org community Forum Index -> Scripting Help All times are GMT - 4 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Forum hosting provided by Reverse.net

Powered by phpBB © 2001, 2005 phpBB Group
subGreen style by ktauber