[IRCServices] Services 4.5pre2 released

Andrew Church achurch at achurch.org
Mon Feb 5 07:45:22 PST 2001


>Ok so far I have three issues that I would like Andrew to check :
>
>1- OperServ is NOT sending a GLOBAL to the IRC Operators when someone tries
>to access SU status with the wrong password and it says its supposed to.

     Fixed.

>2- Wouldn't it be good if OperServ sends that notice whenever someone gets
>SU ? just for security reasons I belive ROOT should be informed everytime
>someone gets SU status.

     RTFM (WallSU configuration directive).

>3-For sercurity reasons I strongley believe Services Admins and SU Admins
>should NOT be able to use GETPASS on the ORIGINAL ROOT user.
>
>What if an Admin allowed to use SU becomes an enemy of the network then goes
>becomes SU and changes the ORIGINAL ROOT nick password and the SU password ?

     Then you chose your Services admins badly.  Look, I'm NOT going to
protect you from every possible mistake you might make.  If you're afraid
of this happening, then DON'T SET AN SU PASSWORD.  It's that simple.

  --Andrew Church
    achurch at achurch.org | New address - please note.
    http://achurch.org/ | $B%a!<%k%"%I%l%9$,JQ$o$j$^$7$?!#(B