Gorialis / jishaku

A debugging and testing cog for discord.py rewrite bots.
https://jishaku.readthedocs.io/en/latest/
MIT License
541 stars 179 forks

ability to add user who can run jishaku on the fly #191

Closed timelessnesses closed 1 year ago

timelessnesses commented 1 year ago

The Problem

When I want my friends to try out some commands, I have no way to make jishaku accept others' commands other than explicitly specifying owners_id in it, and I don't want to restart the bot now.

The Ideal Solution

Could add a command add_perm <user_id> that appends it to the owners list, remove_perm <user_id> to remove the permission, and temp_perm <user_id> <duration> for temporary jishaku permission, and also maybe a permission system where you can restrict which user can access which command.

The Current Solution

Only changing the owners_id keyword argument, to my knowledge.

Summary

Ability to add who can run jishaku while not restarting the bot

Gorialis commented 1 year ago

This isn't going to be implemented because it goes against the security ethos of Jishaku. I understand that this is not really formally documented anywhere outside of random issue comments, so let's go over why I think this is a bad idea, and hopefully you'll agree with me by the end of it.

Jishaku's primary principle when it comes to dealing with safety and security mainly boils down to the following:

Trust the user's intent, but not their hand

Developers are great and smart people who help build value for technology - they do this in a variety of ways and it is generally not my principle to dictate how this is done (or at least, not to systematically enforce how they do it). However, developers make mistakes, and they do so with rather alarming regularity - it's just a normal part of the development process.

This creates a conflict of interest when you're trying to build a tool that "does the right thing most of the time". No one extreme is truly adequate - plastic safety scissors might be great for cutting paper or card, but for the real construction tasks, it's not going to do. On the other hand, if you start handing out razor blades to everyone who asks, you're bound to get some very nasty accidents.

Jishaku thus weighs its actions based on how verifiable the intent behind the action is. If something appears to be both dubious in its utility, and not obviously genuine in its intent, then Jishaku might swoop in to save you. But if one day you decide that burning your own house down is constructive to your cause - Jishaku will trust that you've made this decision with the appropriate attentiveness and grace.

To that end, with intent, access to Jishaku constitutes the possibility of:

It may be the case that you did not realize that Jishaku is capable of these liabilities. And this is indeed probably because you never had the intent to do any of them.

Even if you did, the people who you wish to entrust Jishaku to might not, or may not take the impact of such power seriously.

Of course, this reservation does not mean that I'll stop you from giving other people access. In fact, there already is a method for doing this - the owner_ids method (or any other method of overriding ownership as detailed in the documentation). As you mention though, this is a process that requires a special effort and time to do. In other words, it requires your intent to be genuine in order to pull it off.

While your proposition would be convenient, its big downfall is that it too easily allows people to grant dangerous amounts of power by mistake. Based on what I've seen over the years, something in the ballpark of 80% of Jishaku's users end up using it because they see someone else doing so. These people probably don't, and may never, actually read the documentation to figure out what everything does.

Indeed, many people who get into bot development do so partially as a project to refine their own programming skills. It may be the case that someone who uses Jishaku and comes across this command is in the midst of their first ever project in Python. Such a user could use this command out of pure curiosity not realizing its implications, or they may get socially engineered to give access to bad actors that seek to exploit their naïveté.

To that end, in my opinion,

Implementing such a command would pose too much of a security risk to users of Jishaku by enabling them, or the people they entrust, the ability to accidentally, or purposefully, do harm.

While the nature of Jishaku's license would release me from all responsibility or liability should such events happen, I believe it is regardless part of my greater moral responsibility to protect users of Jishaku from obvious destructive mistakes. This is part of Jishaku's blood and fibre - part of the reason why I make and maintain it is because it reduces the amount of people who trip themselves up with open evals or improper security considerations.

If you, regardless, decide to go the route of implementing this feature yourself, I suggest you take extreme care with your code and seriously think about who you trust and why.
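
The owner_ids route mentioned in the comment above, as an added example (not part of the original comment and not Jishaku's own code): the owner list is read once from deployment configuration, validated, and frozen, so changing who can run Jishaku takes a deliberate edit and a restart. The BOT_OWNER_IDS and DISCORD_TOKEN variable names, the command prefix, and the helper names are assumptions.

```python
import os

MAX_SNOWFLAKE = 2**64 - 1  # Discord IDs are 64-bit unsigned integers


def parse_owner_ids(raw: str) -> frozenset:
    """Parse a comma-separated list of Discord user IDs into a frozen set.

    Fails closed: a malformed or empty entry aborts startup instead of
    being skipped, so a typo never silently changes who holds owner access.
    """
    ids = set()
    for part in raw.split(","):
        token = part.strip()
        if not token.isascii() or not token.isdigit():
            raise ValueError(f"not a numeric user ID: {token!r}")
        value = int(token)
        if not 0 < value <= MAX_SNOWFLAKE:
            raise ValueError(f"user ID out of range: {token!r}")
        ids.add(value)
    return frozenset(ids)


def build_bot(owner_ids):
    """Create a bot whose owner set is fixed at construction time."""
    # Imported lazily so the parsing above can be exercised without discord.py.
    import discord
    from discord.ext import commands

    class Bot(commands.Bot):
        async def setup_hook(self):
            # Jishaku's commands are gated on the bot's owner check.
            await self.load_extension("jishaku")

    return Bot(
        command_prefix="!",  # assumption: any prefix works
        intents=discord.Intents.default(),
        owner_ids=owner_ids,
    )


if __name__ == "__main__":
    # Hypothetical environment variable names, set by whoever deploys the bot.
    owners = parse_owner_ids(os.environ["BOT_OWNER_IDS"])
    build_bot(owners).run(os.environ["DISCORD_TOKEN"])
```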

timelessnesses commented 1 year ago

Oh, thanks, I understand it now. Thanks for explaining it to me.

On Tue, Nov 29, 2022, 02:59 Devon R @.***> wrote:

Closed #191 https://github.com/Gorialis/jishaku/issues/191 as completed.
