Blockland Forums > Suggestions & Requests
Output Event-Server Command
Zeblote:
You'd expect people to be clever enough and only enable the mod if it is actually required for whatever specific gamemode they're working on, and combine it with admin only events.
Badspot:
Look, I'm sorry that I had to remove the add-on you worked on but it's just not a sound design. Anyone could build a brick that would shutdown the server or ban someone or whatever. If you release this, kids will turn it on all the time and their experience will be made worse and they won't know what's going on.
It's easy to blame them for turning it on but really the problem is that the design is so prone to failure that it is almost unavoidable. Please don't fight me on this. This would be another eval nightmare if released.
phflack:
I think badspot is speaking from experience here (the build rules addon that was default and everybody was turning it on and then complaining?)
Who Cares99:
--- Quote from: Badspot on January 20, 2014, 02:46:46 AM ---Anyone could build a brick that would shutdown the server or ban someone or whatever.
--- End quote ---
Couldn't we just have it so that only the host can use the event? It would still be extremely useful, and the only person who could do these kinds of things would be the only person who could do them anyway.
--- Quote from: Badspot on January 20, 2014, 02:46:46 AM ---Please don't fight me on this.
--- End quote ---
I don't want to argue about the mod, but I really think that it could be useful, and if you have an unchangeable restriction on it then it can't be abused either.
Advanced Bot:
--- Quote from: phflack on January 20, 2014, 03:21:24 AM ---I think badspot is speaking from experience here
--- End quote ---
No, he has seen people make these kind of add-ons, which are very vulnerable to servers, making them less secure. Like as he said, it can do a lot of stuff if it gets to the wrong hands of someone. Such as the eval add-ons, you shouldn't even have one if you have no idea what it is and you are just giving eval permission out to other people.
I have seen injection vulnerabilities on servers using via eval. I don't understand why you would even trust them with eval, especially giving eval permission to smart coders, some are nice to help, and some are just wanting to destroy the server within seconds.