restrict access

  • _gonzo_

    _gonzo_ - 2006-11-23

    I noticed that users can read files they shouldn't be allowed to see.
    /etc/passwd or
    ~/.znc/configs/znc.conf or
    files from other znc users
    and so on.

    Even when "Deny LoadMod" is activated and shell module is not allowed for them!
    They've just got to use the get or send command.

    How to avoid this?
    Is there a setting for configfile to disable this 2 commands?
    If not, i would recommend it.

    Another suggestion:
    It would be nice if a admin could control wich Mods a user should be allowed to load.
    (either allow this mods or deny following mods - maybe as global setting (if module not activated by admin via edit user))


Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:

No, thanks