mirror of
https://github.com/Bubberstation/Bubberstation.git
synced 2025-12-14 03:32:00 +00:00
024cd5e84b
* [s] Fixed admins being able to bypass proccall protections via remote sdql and circuits. (#61482) About The Pull Request Admins can bypass IsAdminAdvancedProcCall checks by using these methods of proccall because proccall protection is kinda dumb. This has been tweaked so that there is proper proccall protection for these methods of proccall. Code is hacky, but there's not much of a choice if we want procs to be properly protected from admin proccalls from any sort of remote source. If anyone has a better idea on how to implement this, feel free to hit me up. We need a special global mob that handles proccalls from sources that may not have a usr/client to refer back to. IsAdminAdvancedProcCall() relies usr being defined, so if no usr is defined, then this will always return false. This has been adjusted so that proccalls without a usr/client to refer back to will instead set usr to this special mob, which will then let the IsAdminAdvancedProcCall() return true by comparing whether usr == this special global mob. Why It's Good For The Game Admins can no longer bypass IsAdminAdvancedProcCall checks. Changelog cl admin: Admins are no longer able to bypass proccall protections using remote methods of proccalling. /cl * [s] Fixed admins being able to bypass proccall protections via remote sdql and circuits. Co-authored-by: Watermelon914 <37270891+Watermelon914@users.noreply.github.com>
3.8 KiB
3.8 KiB