From d66ce94423efeba77c8ce51454b90eeab7cb627f Mon Sep 17 00:00:00 2001 From: danieldg Date: Tue, 3 Mar 2009 17:45:31 +0000 Subject: Restrict some /WHO options to opers There is no reason to be able to query the umodes of other users or the port they connected on; this can contain private information. If HideWhoisServer is on, also restrict local/far query. git-svn-id: http://svn.inspircd.org/repository/trunk/inspircd@11164 e03df62e-2008-0410-955e-edbf42e46eb7 --- src/commands/cmd_who.cpp | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) (limited to 'src') diff --git a/src/commands/cmd_who.cpp b/src/commands/cmd_who.cpp index 1b77dd004..b201b9815 100644 --- a/src/commands/cmd_who.cpp +++ b/src/commands/cmd_who.cpp @@ -250,7 +250,8 @@ CmdResult CommandWho::Handle (const std::vector& parameters, User * opt_realname = true; break; case 'm': - opt_mode = true; + if (user->HasPrivPermission("users/auspex")) + opt_mode = true; break; case 'M': if (user->HasPrivPermission("users/auspex")) @@ -260,16 +261,19 @@ CmdResult CommandWho::Handle (const std::vector& parameters, User * opt_ident = true; break; case 'p': - opt_port = true; + if (user->HasPrivPermission("users/auspex")) + opt_port = true; break; case 'a': opt_away = true; break; case 'l': - opt_local = true; + if (user->HasPrivPermission("users/auspex") || !*ServerInstance->Config->HideWhoisServer) + opt_local = true; break; case 'f': - opt_far = true; + if (user->HasPrivPermission("users/auspex") || !*ServerInstance->Config->HideWhoisServer) + opt_far = true; break; case 't': opt_time = true; -- cgit v1.2.3