[Bug 3593] New: voting system is insecure
bugzilla-daemon at icculus.org
bugzilla-daemon at icculus.org
Tue Apr 8 21:29:03 EDT 2008
http://bugzilla.icculus.org/show_bug.cgi?id=3593
Summary: voting system is insecure
Product: Quake 3
Version: SVN HEAD
Platform: All
OS/Version: All
Status: NEW
Severity: major
Priority: P3
Component: Misc
AssignedTo: zakk at icculus.org
ReportedBy: devhc97 at gmail.com
QAContact: quake3-bugzilla at icculus.org
Could we rewrite the voting system, or just borrow the voting code from
somewhere like Tremulous? Because the current method of sending raw vote
command lines to the command interpreter is insecure and highly abusable.
An example: the command interpreter accepts semicolons and newlines as command
separators. There's a hack to work around (refuse) command lines with
semicolons, but newlines aren't checked for. Due to this I have been able to
execute arbitrary commands on the server by sending newlines in the callvote
(map, kick, etc.) command's parameters (minimum source code modification was
required). Such a command was "quit", which successfully shut down the server,
without any administrative rights whatsoever.
I will defer talking about possibilities of votekick-proof names, there are
many.
Fortunately, any decent mod (honestly, all that I've seen/tested on the master
server list), have a proper voting system.
--
Configure bugmail: http://bugzilla.icculus.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug, or are watching the QA contact.
More information about the quake3-bugzilla
mailing list