Sudo Command for Bypassing Permissions

Discussion in 'Archived: Plugin Requests' started by cadika_orade, Nov 12, 2012.

  1. Offline

    cadika_orade

    I would like a plugin that gives players the ability to completely bypass permissions by prefacing their command with /sudo. the plugin would then ask them for a password, and if the password is correct bypass the permissions (I use PEX if it matters). This would be of great use when trying to debug permissions.

    OPTIONAL:

    A one-time use SUDO: The plugin could have a command such as "/sudo temp password", where "password" is a temorary, one-time use password. This way I could grant a user the ability to execute a typically off-limits commands.

    Example usage:

    [Member]cadika_orade: "Bummer. Oh good! Members don't have permission to do that."
    [Member]cadika_orade: /sudo pex promote cadika_orade
    [Server]: Sudo Password:
    [Member]cadika_orade: /sudo albuquerque
    [Server]: Sudo Password Accepted.
    [Admin]cadika_orade: "Yay!"

    [Member]HerpDerp: "Man! I REALLY need to /back, but members aren't allowed to do that!"
    [Admin]cadika_orade: /sudo temp swordfish
    [Admin]cadika_orade: /msg HerpDerp Just use /sudo back. The password is "swordfish".
    [Member]HerpDerp: /sudo back
    [Server]: Sudo Password:
    [Member]HerpDerp: /sudo swordfish
    [Server]: Sudo Password Accepted.
    [Member]HerpDerp: "Sweet! My diamonds!"


    Alternatively, if it could catch the user typing the password without a command, and then preventing the message from going into public chat, that would be very nice.
     
    JazzaG likes this.
  2. Offline

    chaseoes Retired Staff

    What is a use case for this?
     
  3. Offline

    cadika_orade


    Does this not constitute a "use case"?
    If not I am afraid I don't know what you mean.
     
  4. Offline

    Necrodoom

    so basically, this is a one command pass for a member to do any command, no matter what. doesnt sound really safe.
    wouldnt it better if the admin does the command on the player?
     
    Codex Arcanum likes this.
  5. Offline

    kneeven

  6. Offline

    cadika_orade

    Not to be impolite, but alright, smart aleck. Please tell me a command already in Bukkit or PEX that allows me to execute any command regardless of permissions on behalf of a given player.

    I've checked. I can't find one.

    Also please explain how it is insecure, since if someone can guess the sudo password they may as well just guess my FTP password and add themselves to the Op list, or my Minecraft account password and steal my whole account. On top of that, if you had taken 30 seconds to actually read the OP, you would have noted that the point of the plugin is to allow the ADMIN to bypass permissions when needed. The idea of adding functionality for letting arbitrary users bypass permissions in case of emergency was in the clearly-marked "Optional" section.

    Also please explain how this would be any less secure than the popular plugin which allow player to promote themselves instantly by clicking on a sign. Not every plugin made has to be necessarily suitable for every server in the world. In this case, this plugin may only be suitable for my server alone, but it would certainly make debugging permissions a lot easier since I am currently trying to juggle permission nodes pertaining to over 100 different plugins.

    Lastly, your post is poorly written and reflects a lack of even a basic grasp of capitalization rules. Begone now, you negativity-spewing whelp.

    Exactly. You, sir, have good taste in webcomics.

    Now that I think about it more, the implementation of a "super user do" command could actually IMPROVE server security, much as it improves the security of Linux. I could remove the permission nodes from the Admin group, and any time I need to access command outside of the scope of a Member, I would need to supply a password. In this way, should my account ever be compromised in any way the server would still be secure since without that password a hacker would be unable to do any more damage than a regular member could.
     
  7. Offline

    fredghostkyle1

    essentials will do this /sudo command

    EDIT: the player/groop need OP or the essentials.sudo command. and there are premissions to stop a group/player getting sudoed.
     
  8. Offline

    Necrodoom

    i shouldve read your post better.
    basically i was trying to say that your optional uses suggestions dont seem to consider to me what command the member trys to type, so the member could also execute a command like /op when given the one time sudo password. if you meant it allows member one time access to a single command, then nevermind.
     
  9. Offline

    cadika_orade

    In theory, that player could use /op given a one-time sudo password. I didn't think that a plugin should be designed to protect a server from an Admin who is a complete dolt and gives ultimate power to people who could royally bork the server.

    Also, on my server at least, being an Op doesn't get you anything beyond the ability to edit the spawn chunk and spawn a Weeping Angel.


    You are, in fact, correct. Better yet, the Essentials command lets me proxy over the targeted player. That works for some uses, but not others.

    I still have no means of overriding permissions. In this case, I would need someone with the required permissions to run the command for me. If you had read the first line of my post, you would have noticed that.

    EDIT by Moderator: merged posts, please use the edit button instead of double posting.
     
    Last edited by a moderator: May 29, 2016
  10. Offline

    Hoolean Retired Staff

    HOLYSHITWHATSYOURSERVERTHATSOUNDSOAWESOME
     
  11. Offline

    desht

    cadika_orade and TheSkeletonSK like this.
  12. Offline

    cadika_orade


    Again, you are awesome. Still not what I am looking for, but this provides something else I was looking to do in the near future! If I'm understanding it correctly, I can use this to let players find dragon shout in-game without needing a Time Lord to grant it to them. Similarly, I might be able to work out some way of letting guests promote themselves to members if they actually read all the rules. Still thinking about that.

    You, sir, are as awesome as your profile pic makes you look.
     
    desht likes this.

Share This Page