Vending machines are not linked to an account when created, allowing you to link them to your own account

[SonixApache]

Description of issue

Vending machines are not linked to an account when created, allowing you to link them to your own account. This means that you can go up to any roundstart or spawned-in vending machine, slap it with your ID, and link it to your account for free money.

Difference between expected and actual behavior

Slap vending machine with ID, get asked for the station account number. vs Slap vending machine with ID, get asked to input a number I want to link

Steps to reproduce

Slap a vending machine with an ID. Any vending machine. I used cola machines.

Specific information for locating

https://github.com/vgstation-coders/vgstation13/blob/f03b1c69b7a63a23c837bb73cd16a3f2f9910689/code/game/machinery/vending.dm#L485

Server revision

f03b1c69b7a63a23c837bb73cd16a3f2f9910689

[StreptoMutans]

If an account is added, you need to know its number to unlock the maintenance hatch for hacking. Is this the ending to vendor hacking?

[Zth--]

@StreptoMutans that's only for the vending machines with the SECUREDPANEL flag

[Zth--]

Oh, wait, the flag is on the constructor, so yes, someone should move that flag to custom machines only

[Kurfursten]

Just in case it wasn't clear, I want to confirm that it does end vendor hacking. I encountered this one on Deff, a public vendor had the random throwing items event and I couldn't hack it to disable because someone has slapped it with an ID.

[SonixApache]

Yeah, that is in fact the case.