All impulse commands able to be used

gemidyne / microtf2

A custom gamemode for Team Fortress 2 - Players compete against each other to get the most points by playing a series of rapid fire microgames in order to win the round!

https://www.gemidyne.com/projects/microtf2

GNU General Public License v2.0

30 stars 17 forks source link

All impulse commands able to be used #103

Closed FortyTwoFortyTwo closed 5 years ago

FortyTwoFortyTwo commented 5 years ago

https://wiki.teamfortress.com/wiki/Cheats#impulse

some impulse numbers does not require sv_cheats to be used, so it did not get into the list of banned commands.

One of the biggest issue with this is the skulls, impulse 102, since anyone is able to spam spawn skull entity, eventually leading to a crash from entity count.

Though i would not complete ban the command because of spray impulse 201, as people commonly use it which doesn't really affect gameplay or break servers.

safalin1 commented 5 years ago

I see, I think the command should be (by default) completely banned but with some of the ids whitelisted, such as spray, custom snd play and the spy disguise ids.

I'll look into this as an urgent issue and release an update to resolve this asap.

safalin1 commented 5 years ago

The fix has now been released, in 2019.1E - https://github.com/gemidyne/microtf2/releases/tag/2019.1E

Thank you very much for reporting this security issue, it is greatly appreciated!