View Issue Details
|ID||Project||Category||View Status||Date Submitted||Last Update|
|0002601||unreal||ircd||public||2005-07-27 06:59||2006-08-20 18:35|
|Target Version||Fixed in Version||3.2.6|
|Summary||0002601: Non-SSL Opers can join +z channel with SAJOIN|
|Description||Operators that can use SAJOIN can use it to join +z (SSL-Only) channels, even when they don't have a secure connection.|
|Tags||No tags attached.|
|3rd party modules|
||I don't think this is a bug... If an oper needs to join a channel becuase s/he has been recieving reports of abusive activity within the channel, s/he should be able to join the channel no matter what modes it has. SAMODE can be used, but does not do much when the services MLOCK +z on the channel.|
it is definetly a bug, overriding +z the normal way will unset +z. The reason is clear because +z indicates a secure communication and with a non-ssl oper joining the channel, the communication is leaked to plain. When SAJOIN is used on a +z channel and the person joining does not have SSL, the server should unset +z like it does for normal overriding.
edit: about the mlock thing, if the situation ever arises, why dont u simply unset the mlock? or even better, simply use SSL :P opers should do that anyway...
Is not a Bug because an IRCOP should SAJOIN +z +k or +i Channels to have a
Look. I can SAJOIN normal NON OPER Users to an OPER Channel with mode +O without any Problems. I think, this is a normal Oper Override Function.
Correct me if i think wrong.
It isnt about overriding or not... you will still be able to override +z with or without SAJOIN. The point is, when overriding with SAJOIN, then +z must be removed from the channel automatically, as it is done when overriding it with /invite.
And I was told the bug is being fixed soon.
Right, it should either -z, or deny the join.
Btw, I find it quite annoying that /sajoin is used nowadays by opers to join _themselves_ in channels, instead of the usual /invite thing. This is of course a consequence of the change that was made a few versions ago so SAJOIN could join trough modes (like the example HERZ mentioned), but I'm not so sure if that was a good move... Well, we could of course deny /SAJOIN on people themselves :P.
In any case, add some more notices stuff... The opers already see an SAJOIN notice, but the channel members do not (while they DO with operoverride trough /invite).
As for +z... well like I said, it should either -z (otherwise the +z is giving a false signal), or deny the SAJOIN. -z makes most sense I think, though it just depends on how you look at it :P.
This is all for post-3.2.4 btw.
||You can operoverride with /invite already. it will however, unset +z. I think the SAJOIN thing should be fixed, at least to work like operoverride on such channels.|
||Fixed in CVS of 3.2* and 3.3*... I simply made it block a /sajoin of an insecure user to a +z channel, let the oper have some brain instead of making things too automated ;).|
|2005-07-27 06:59||phedny||New Issue|
|2005-07-27 14:42||Stealth||Note Added: 0010269|
|2006-01-26 10:03||decoder||Note Added: 0011062|
|2006-01-26 13:29||decoder||Note Edited: 0011062|
|2006-01-26 13:30||decoder||Note Edited: 0011062|
|2006-01-26 15:35||HERZ||Note Added: 0011066|
|2006-01-26 15:38||decoder||Note Added: 0011067|
|2006-01-27 15:00||syzop||Note Added: 0011082|
|2006-01-27 15:00||syzop||Status||new => confirmed|
|2006-01-29 16:12||JasonTik||Note Added: 0011100|
|2006-08-20 18:35||syzop||Status||confirmed => resolved|
|2006-08-20 18:35||syzop||Fixed in Version||=> 3.2.6|
|2006-08-20 18:35||syzop||Resolution||open => fixed|
|2006-08-20 18:35||syzop||Assigned To||=> syzop|
|2006-08-20 18:35||syzop||Note Added: 0012199|