inspircd / inspircd-contrib

Third-party InspIRCd module repository.
https://www.inspircd.org

m_joinpartspam channel param not compatible with /cs mode #chan set on Anope #187

Closed KoraggKnightWolf closed 5 years ago

KoraggKnightWolf commented 5 years ago

It appears that when a redirect channel is specified when executing chan mode +x via /cs mode #chan set +x 5:300:1800:#blah (as an example, where I also have at least halfops in #blah), Anope's ChanServ will NOT set the mode. However, adding/removing it from mode lock works as intended. Discussion on #anope revealed that Anope sends the FMODE, yet this module seems to be suppressing it somehow, hence why I am opening the issue on here as a reminder.

Regards,

Koragg

SadieCat commented 5 years ago

The code for this looks fine? It will reject the mode parameter if it's not correct. Can you set it using /MODE and that parameter normally?

cc: @genius3000

KoraggKnightWolf commented 5 years ago

Yes, the regular /mode works exactly as intended, just oddly /cs mode with a channel param doesn't. As @genius3000 suggested that the Anope side is fine, I opened the issue on here.

genius3000 commented 5 years ago

I haven't had a chance to look further into it but I think it's checking the bot's status which fails.

genius3000 commented 5 years ago

The issue is that when ChanServ (or the assigned service bot to that channel) sends the FMODE, it's checked for proper parameters and, with freeredirect disabled, this checks the status mode of the sending user (service bot) in the given redirect channel. If the same bot isn't in the redirect channel (or is missing halfop or higher status) it will deny the mode change. The fact that one can set this mode via Anope to any channel that uses the same bot or by using mode lock to entirely bypass the check is the real issue.
I could block services setting this mode entirely and (I believe) block the mlock as well, but I'd rather not have to do that. I'll look into if I can write a 3rd party mode handler for Anope to correctly check the parameters (but from a quick look, I don't think I can).

For now I'd say be mindful of the limitation/ability of using services to set/mlock this mode.

KoraggKnightWolf commented 5 years ago

Dear @genius3000 ,

Thanks a lot for looking into this code and helping to reveal this security consideration (users being able to toss people from #A to #B because someone with /cs mode access in #A does not like chan #B etc.), as it could have led to unpleasant side effects in the long run if abused. I have resorted to simply disabling redirects altogether for the sake of preventing "teleportation"/redirect "wars". It is good that the module has the options it comes with so each network can tweak the behaviour as desired.

Regards,

Koragg

genius3000 commented 5 years ago

So I was able to write an Anope module to provide better support for m_joinpartspam. It prevents abuse of the redirect (by disallowing it) and verifies the cycles, duration, and block time parameters. Unfortunately I didn't see a way to verify the channel redirect parameters. I'll update the module if I find a way later.
Reference: https://github.com/genius3000/anope-modules/commit/8746f7c6058dbe4003cd557cc3ffef82c3003aa6
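
Added example, not part of the thread and not code from m_joinpartspam or the Anope module: a simplified C++ model of the sender-rank check described above for the redirect parameter, next to a services-side policy that validates the three numbers and refuses any redirect. The rank values, the 1..999999 numeric bound, the function names and the sample network are assumptions made for illustration.

```cpp
#include <map>
#include <sstream>
#include <string>
#include <vector>

// Simplified model; not InspIRCd or Anope code. Rank values are assumptions.
enum Rank { NONE = 0, VOICE = 1, HALFOP = 2, OP = 3 };
struct Param { unsigned long cycles, duration, block; std::string redirect; };
typedef std::map<std::string, std::map<std::string, Rank> > Network; // channel -> nick -> rank

// Parse "cycles:duration:block[:#redirect]"; each number must be 1..999999 (assumed bound).
bool parse(const std::string& s, Param& out) {
    std::vector<std::string> f;
    std::stringstream ss(s);
    for (std::string tok; std::getline(ss, tok, ':');) f.push_back(tok);
    if (f.size() < 3 || f.size() > 4) return false;
    unsigned long n[3];
    for (int i = 0; i < 3; ++i) {
        if (f[i].empty() || f[i].size() > 6) return false;
        if (f[i].find_first_not_of("0123456789") != std::string::npos) return false;
        if ((n[i] = std::stoul(f[i])) == 0) return false;
    }
    out.cycles = n[0]; out.duration = n[1]; out.block = n[2];
    out.redirect = f.size() == 4 ? f[3] : std::string();
    return f.size() == 3 || (out.redirect.size() > 1 && out.redirect[0] == '#');
}

// ircd-side check as the thread describes it: with freeredirect off, the SENDER of
// the mode change (for services, the bot) needs halfop or higher in the redirect channel.
bool ircd_accepts(const Network& net, const std::string& sender,
                  const std::string& param, bool freeredirect) {
    Param p;
    if (!parse(param, p)) return false;
    if (p.redirect.empty() || freeredirect) return true;
    Network::const_iterator chan = net.find(p.redirect);
    if (chan == net.end()) return false;
    std::map<std::string, Rank>::const_iterator who = chan->second.find(sender);
    return who != chan->second.end() && who->second >= HALFOP;
}

// Services-side policy in the spirit of the fix: check the numbers, disallow redirects.
bool services_accepts(const std::string& param) {
    Param p;
    return parse(param, p) && p.redirect.empty();
}

// Constructed sample state: the user has halfop in #blah, the bot is only in #other.
Network sample_network() {
    Network net;
    net["#blah"]["koragg"] = HALFOP;
    net["#other"]["ChanServ"] = OP;
    return net;
}
```

In this model the bot's request to redirect into #other passes the ircd check no matter which user asked services for it, which is why the services-side policy drops the redirect field instead of trying to re-check it.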