View Issue Details

IDProjectCategoryView StatusLast Update
0002601unrealircdpublic2006-08-20 18:35
Reporterphedny Assigned Tosyzop  
Status resolvedResolutionfixed 
PlatformanyOSanyOS Versionany
Product Version3.2.3 
Fixed in Version3.2.6 
Summary0002601: Non-SSL Opers can join +z channel with SAJOIN
DescriptionOperators that can use SAJOIN can use it to join +z (SSL-Only) channels, even when they don't have a secure connection.
TagsNo tags attached.
3rd party modules



2005-07-27 14:42

reporter   ~0010269

I don't think this is a bug... If an oper needs to join a channel becuase s/he has been recieving reports of abusive activity within the channel, s/he should be able to join the channel no matter what modes it has. SAMODE can be used, but does not do much when the services MLOCK +z on the channel.


2006-01-26 10:03

reporter   ~0011062

Last edited: 2006-01-26 13:30

it is definetly a bug, overriding +z the normal way will unset +z. The reason is clear because +z indicates a secure communication and with a non-ssl oper joining the channel, the communication is leaked to plain. When SAJOIN is used on a +z channel and the person joining does not have SSL, the server should unset +z like it does for normal overriding.

edit: about the mlock thing, if the situation ever arises, why dont u simply unset the mlock? or even better, simply use SSL :P opers should do that anyway...


2006-01-26 15:35

reporter   ~0011066

Is not a Bug because an IRCOP should SAJOIN +z +k or +i Channels to have a
Look. I can SAJOIN normal NON OPER Users to an OPER Channel with mode +O without any Problems. I think, this is a normal Oper Override Function.

Correct me if i think wrong.



2006-01-26 15:38

reporter   ~0011067

It isnt about overriding or not... you will still be able to override +z with or without SAJOIN. The point is, when overriding with SAJOIN, then +z must be removed from the channel automatically, as it is done when overriding it with /invite.

And I was told the bug is being fixed soon.


2006-01-27 15:00

administrator   ~0011082

Right, it should either -z, or deny the join.

Btw, I find it quite annoying that /sajoin is used nowadays by opers to join _themselves_ in channels, instead of the usual /invite thing. This is of course a consequence of the change that was made a few versions ago so SAJOIN could join trough modes (like the example HERZ mentioned), but I'm not so sure if that was a good move... Well, we could of course deny /SAJOIN on people themselves :P.

In any case, add some more notices stuff... The opers already see an SAJOIN notice, but the channel members do not (while they DO with operoverride trough /invite).

As for +z... well like I said, it should either -z (otherwise the +z is giving a false signal), or deny the SAJOIN. -z makes most sense I think, though it just depends on how you look at it :P.

This is all for post-3.2.4 btw.


2006-01-29 16:12

reporter   ~0011100

You can operoverride with /invite already. it will however, unset +z. I think the SAJOIN thing should be fixed, at least to work like operoverride on such channels.


2006-08-20 18:35

administrator   ~0012199

Fixed in CVS of 3.2* and 3.3*... I simply made it block a /sajoin of an insecure user to a +z channel, let the oper have some brain instead of making things too automated ;).

Issue History

Date Modified Username Field Change
2005-07-27 06:59 phedny New Issue
2005-07-27 14:42 Stealth Note Added: 0010269
2006-01-26 10:03 decoder Note Added: 0011062
2006-01-26 13:29 decoder Note Edited: 0011062
2006-01-26 13:30 decoder Note Edited: 0011062
2006-01-26 15:35 HERZ Note Added: 0011066
2006-01-26 15:38 decoder Note Added: 0011067
2006-01-27 15:00 syzop Note Added: 0011082
2006-01-27 15:00 syzop Status new => confirmed
2006-01-29 16:12 JasonTik Note Added: 0011100
2006-08-20 18:35 syzop Status confirmed => resolved
2006-08-20 18:35 syzop Fixed in Version => 3.2.6
2006-08-20 18:35 syzop Resolution open => fixed
2006-08-20 18:35 syzop Assigned To => syzop
2006-08-20 18:35 syzop Note Added: 0012199