/OP Command is Dangerous for Main Admin User

[zeitgeist]

There is an issue, which I forsee will be the cause of major issues in the future. As the Admin user on my chat, I find that I would like to give Moderator rights to certain users. Currently the ONLY way to do this is via the /op command.

Problem: giving a USER admin rights via /op allows then USER to /DEOP the main Admin. This is a serious security hole, because admin should not be wide open to such a risk. If USER decides to go renegade with their new "Admin" status, they can disable the Main Admin, and take over the room, including using the /ban and /kick command against the Main Admin.

There should be a /mod command that allows admins to give limited rights to a USER which would disable their ability to /deop the Main Admin.

Unless this hole is fixed, I will have to think twice before giving anyone admin status in my room, right now that is just too dangerous.

I can't believe you guys who wrote this program did not take this into consideration.

Is there are plan to fix this problem?

[OldWolf]

Please restrict yourself to one thread per topic... posting three will get you no closer to a solution than one will.

...have you tried identifying yourself again to regain admin?

Either way: my suggestion? Don't grant operator status to someone you can't trust. I'm not sure why you would be giving op status to the type of person that would "go renegade." And yes, you ertainly should think twice before giving anyone op status in a room, regardless of if they can remove your op status or not.

[zeitgeist]

Anyone can decide to go renegade for any reason, please do not speak down to me as though you think I am an idiot, I am making a point, that if there was a /mod command, giving limited access to them, which could prevent them from banning or deop the Admin.

for your information, I entered /deop admin then /ban admin commands and admin could not sign in, it would not work for me. My basic point is that if Admins could be seperate op command to a mod it would be easier to have mods watching the chat for undesirable activity.

I apologize for posting in three different places, but please accept that I am new here and posted my topic wherever I though a place for it was relevant at the time.

Here in this forum you are a mod, you can kick me or ban me, but you cannot ban, downgrade permissions or even ban the admin in this forum, so why then should this not be considered a worthwhile feature of the PHPFreechat?

The chat system is fantastic, I mean that in every way, but it would be even more so, if there was a way for Admin to say for example /mod user then at least the possibility of admin getting deop'd would be little or nothing.

[Knerba]

Hello,

I really agree to this as well. I have been chatting on many sites where they have what we call Temp Ops, Perm Ops, Room Admin and Server Admin. Please allow me to explain further.

Temp Ops: These users are given temp op when a perm op types /op username. As soon as they leave the room, they loose the status.

Perm Ops: These users are given perm op when a room admin or server admin types /perm username. They will always perm op status even if they leave the room unless a room admin or server admin types /deperm username.

Room Admin: Well this may be a little irrelevant with this chat system but on the site I used to be a member of, they used to give rooms to people where they can assign their own perm operators.

Server Admin: These members are what they referred to as "god". They have perm op status in all rooms. Nobody can change this...

[zeitgeist]

Thank you for your response.

I think that phpfreechat is a fantastic program because it has so many prospects for updates. I definately believe that being allowed to give MOd status to a member to perform room moderation would be a good idea, and the idea should be that the main admin, who is at the end of the day "god" as you described in terms of the chat control. No operator even another admin should be able to deop the super admin.

[NAZIB)]

I believe the ones that want to be admins and mods are the ones you have to watch out for . They are the ones that were the crossing guards at school and it's just a power trip for them to let themselvs believe that they are actually in control Of the chatters in the room if you dont trust the Other people in your chatroom to moderate then close the chatroom when you leave ..

[re*s.t.a.r.s.*2]

Hi,

This is fixed in this thread http://www.phpfreechat.net/forum/viewtopic.php?id=5256

Protected admins will not be banned anymore for others admin...

hope it helps

regards.