[el hippo]

There is a serious security flaw in this plugin where any player can use sm_addadmin to add anyone as an admin. The 4-ish servers running this server need to fix or remove the plugin from their server.

The line:

Code:

RegConsoleCmd("sm_addadmin", Command_AddAdmin, "Adds an admin to admins_simple.ini", ADMFLAG_RCON);

Does not actually check for admin access. The flag in the RegConsoleCmd is a command creation flag, not an access flag.

Therefore you will need to switch to RegAdminCmd or implement flag checking within your function.

Fix (I have actually never used SourceMod before so this may be flawed):

Code:

RegAdminCmd("sm_addadmin", Command_AddAdmin, ADMFLAG_RCON, "Adds an admin to admins_simple.ini");

Hippo

[imported_Anth0ny]

useful plugin, thanks! =)
question: how can we use an admins.cfg instead admins_simple.ini?

[mateo10]

Updated and I think the security risk is removed with the update.

[Pietje]

Is it possible to instead of using the admins_simple.txt u can set it so the admins with root acces can add a guy to a group so u would get admins with the same flags??

[genipalla]

Quote:

Originally Posted by pRED* You can't remove lines from a file.. Best thing to do is open the file for reading, open another file for writing (say called admins_simple2.txt) then read a line from one and write it into the other. Once you get to the line you want to delete, skip the writing step. Once your finished close both files, delete admins_simple.txt and rename admins_simple2.txt to admins_simple.txt

instead of removing the files why not just re-edit the admin_simple.txt and put // in front of the admin that you want to remove?

also to reduce the security issue of the plugin i think that it should be run on a username and password.
For example:
the only way to access this plugin you must enter a given username and password.

these are just ideas that im throwin out here. ill try and script it.

[SixSicSix]

This plugin doesn't really work, sadly :\

It would be nice to integrate it into the admin menu with nested menus and flag on/off switches, as well as add by steam ID

[<SK> LittleD]

i am having a problem with my admins i did all this and restarted the server
and i told them to bind a key and they all are saying that is says unable to run command
help

[chief2493]

Is there any way you could modify this to write to other admin files not just sourcemod admin files?? as in I run sourceop on my server and i have to go into the server files to add a new admin, and it can be a real hassle, you would probably have to make it so that it adds like 1 line at a time and the person using it would have to do like sm_edit <file name> <line # (could put in last to make a new line after the last line)> <text to add>

[ChillyWI]

If someone does work on this, I'd like to see the ability to add the player to a group instead of just setting flags. We have immunity levels and flags set for each group, so it would simplify things a bit.

[mikkelmaj]

Hmm i may change a little befor i can use it