[IRCServices] secure Identify Feature..

Craig McLure Craig at chatspike.net
Tue Apr 13 17:39:43 PDT 2004


I read this mail, and read it again, and its absolutly right, with some careful manipulation of the /cs levels command, along with /cs access, you can basically give people 'Founder' privs without them being founder. Another possible advantage to this command thou.. If for some weird reason, someone finds your channel password, this command would prevent them from doing anything with it, as they would not be able to log on as channel founder (Unless they were on the access list). sometimes the distributation of channel passwords may be present when the real founder cant get at the channel for various reasons, and they give the password to the successor, or someone else trustworthy. From where i'm sitting, I cant really see any other real use for this function.

/****************************************
 *     Craig "FrostyCoolSlug" McLure
 * InspIRCd   - http://www.inspircd.org  - REVIVED
 * ChatSpike  - http://www.chatspike.net
 ****************************************/


/****************************************
 * From    - M <mark at ctcp.net>
 * To      - 'IRC Services General Mailing List' <ircservices at ircservices.za.net>
 * Sent    - 2004-04-13 23:08:45
 * Subject - RE: RE: [IRCServices] secure Identify Feature..
 ****************************************/

/****** - Begin Original Message - ******/

>Craig McLure wrote:
>> This command would add things to make the channel more secure 
>> thou, If you did give the channel founder password to people 
>> you trust, and you find its being abused, you can simply 
>> remove that person from the access list, this way you dont 
>> need to worry about changing the password and re-distributing it :) 
>
>The way to be secure is not to give out the founder password. You could
>apply the same short sighted reason for a "/ns set
>letotherpeopleaccessmynick pass" request. 
>
>The founder password is designed to give the channel founder access to
>manage the ownership of the channel. There is no need to give out the
>password to anyone, channel management through others is provided via op
>status. 
>
>If for some peculiar reason a channel founder wishes to share the password
>then IMO that is their problem. The chances are that any user that would
>require modifying the access list to "fix" this, would likely be attempted
>too late since a rogue user could have merely taken ownership of the channel
>thereby making the option and the founder password redundant and merely make
>it a problem that administrators waste time on. 
>
>The founder can already provide access to whatever commands an op needs via
>levels which is far more secure and already subject to access list
>restrictions. 
>
>What function of founder status is required that warrants removing the
>founder status by supporting sharing of it? 
>
>M. 
>
>
>------------------------------------------------------------------
>To unsubscribe or change your subscription options, visit:
>http://www.ircservices.za.net/mailman/listinfo/ircservices
>.

/******* - End Original Message - *******/