The auto-op system with regex is way too open. When somebody joins, it checks first the username and host, and then _only_ the host. The host regexp must be kept pretty open for people with dynamic IPs (for example, my host name is ~per@adsl-33451.turboline.skynet.be, and I'm sure that'll change on my next logon).
So, when checking those regexes, the system is kept open to anyone joining from the same ISP as me. For example, I use the regex .*@.*\.turboline\.skynet\.be, so anyone using Skynet's ADSL service would be auto-opped.
Furthermore, the same type of checking is not done in the on_prinvmsg() method, there it only checks the username _and_ host match.
So, my suggestion would be to remove this part in the on_join method(indenting may be wrong):
except KeyError:
#remove from here: -----
for ii in a2kconf.op.keys():
if a2kconf.op[ii].search(userhost):
self.ircobj.execute_delayed(a2kconf.opdelay,self.make_chanop,(connection,whonick))
# --- and to here
Logged In: YES
user_id=247
Development and support for A2K/Accutron 2000 has ended. The code
is under GPL, so you are welcome to make any fixes and/or
distribute your fixed version. However, no changes will be made
here.
Logged In: YES
user_id=115971
This bug has been fixed in CVS. Checkout a copy if you want the fixed. It'll go into the next release of A2K.