I noticed that users can read files they shouldn't be allowed to see.
files from other znc users
and so on.
Even when "Deny LoadMod" is activated and shell module is not allowed for them!
They've just got to use the get or send command.
How to avoid this?
Is there a setting for configfile to disable this 2 commands?
If not, i would recommend it.
It would be nice if a admin could control wich Mods a user should be allowed to load.
(either allow this mods or deny following mods - maybe as global setting (if module not activated by admin via edit user))
for the module thing there is a feature request:
The bug with get and send has been fixed, here is the patch:
The patch currently has one downside (this....is....a...file...name is denied) but i dont think this is too moch of an issue and im currently too lazy to dig out the fix for the fix (though it is somewhere out there).
Sign up for the SourceForge newsletter:
You seem to have CSS turned off.
Please don't fill out this field.