[IRCServices] secure Identify Feature..

David D. Wachtveitl dwachtve at hotmail.com
Tue Apr 13 18:12:19 PDT 2004


Also, it would prevent an "over the shoulder" viewer of the password the
ability to use it.  I keep an access mask on my nick ident for this very
reason.  I think it makes some sense to have this on the channel founder as
well (as an option).  Of course, if for some reason you are the founder and
no longer have access to the mask you set for yourself, you could be sol
also :P


----- Original Message ----- 
From: "Craig McLure" <Craig at chatspike.net>
To: "mark at ctcp.net, IRC Services Gene"
<mark at ctcp.net,ircservices at ircservices.za.net>
Sent: Tuesday, April 13, 2004 8:39 PM
Subject: Re: RE: RE: [IRCServices] secure Identify Feature..


> I read this mail, and read it again, and its absolutly right, with some
careful manipulation of the /cs levels command, along with /cs access, you
can basically give people 'Founder' privs without them being founder.
Another possible advantage to this command thou.. If for some weird reason,
someone finds your channel password, this command would prevent them from
doing anything with it, as they would not be able to log on as channel
founder (Unless they were on the access list). sometimes the distributation
of channel passwords may be present when the real founder cant get at the
channel for various reasons, and they give the password to the successor, or
someone else trustworthy. From where i'm sitting, I cant really see any
other real use for this function.
>
> /****************************************
>  *     Craig "FrostyCoolSlug" McLure
>  * InspIRCd   - http://www.inspircd.org  - REVIVED
>  * ChatSpike  - http://www.chatspike.net
>  ****************************************/
>
>
> /****************************************
>  * From    - M <mark at ctcp.net>
>  * To      - 'IRC Services General Mailing List'
<ircservices at ircservices.za.net>
>  * Sent    - 2004-04-13 23:08:45
>  * Subject - RE: RE: [IRCServices] secure Identify Feature..
>  ****************************************/
>
> /****** - Begin Original Message - ******/
>
> >Craig McLure wrote:
> >> This command would add things to make the channel more secure
> >> thou, If you did give the channel founder password to people
> >> you trust, and you find its being abused, you can simply
> >> remove that person from the access list, this way you dont
> >> need to worry about changing the password and re-distributing it :)
> >
> >The way to be secure is not to give out the founder password. You could
> >apply the same short sighted reason for a "/ns set
> >letotherpeopleaccessmynick pass" request.
> >
> >The founder password is designed to give the channel founder access to
> >manage the ownership of the channel. There is no need to give out the
> >password to anyone, channel management through others is provided via op
> >status.
> >
> >If for some peculiar reason a channel founder wishes to share the
password
> >then IMO that is their problem. The chances are that any user that would
> >require modifying the access list to "fix" this, would likely be
attempted
> >too late since a rogue user could have merely taken ownership of the
channel
> >thereby making the option and the founder password redundant and merely
make
> >it a problem that administrators waste time on.
> >
> >The founder can already provide access to whatever commands an op needs
via
> >levels which is far more secure and already subject to access list
> >restrictions.
> >
> >What function of founder status is required that warrants removing the
> >founder status by supporting sharing of it?
> >
> >M.
> >
> >
> >------------------------------------------------------------------
> >To unsubscribe or change your subscription options, visit:
> >http://www.ircservices.za.net/mailman/listinfo/ircservices
> >.
>
> /******* - End Original Message - *******/
>
>
>
> ------------------------------------------------------------------
> To unsubscribe or change your subscription options, visit:
> http://www.ircservices.za.net/mailman/listinfo/ircservices
>