Log in | Back to darenet.org

Server Privileges

m
m
Line 3: Line 3:
As it stands, ircd-darenet has only four (4) access levels: ordinary user, local operator, global operator, administrator and network administrator. The last two are essentially global operators with a few additional privileges. This is hardly enough control, especially over some of the more advanced and powerful features, such as G-lines.
As it stands, ircd-darenet has only four (4) access levels: ordinary user, local operator, global operator, administrator and network administrator. The last two are essentially global operators with a few additional privileges. This is hardly enough control, especially over some of the more advanced and powerful features, such as G-lines.
-
To mitigate this shortcoming, ircd-darenet includes the concept of privileges (supported by ircu since u2.10.11). Privileges are basically an arbitrarily long bit string. Access to particular features is governed by the value of a particular bit of that but string. So, in other words, privileges are a form of Access Control List. Below is a table of operator privileges currently supported by ircd-darenet.  
+
To compensate for this shortcoming, ircd-darenet includes the concept of privileges (supported by ircu since u2.10.11). Privileges are basically an arbitrarily long bit string. Access to particular features is governed by the value of a particular bit of that but string. So, in other words, privileges are a form of Access Control List. Below is a table of operator privileges currently supported by ircd-darenet.  
{| class="wikitable" width="80%" style="font-size: 85%; text-align: left;"
{| class="wikitable" width="80%" style="font-size: 85%; text-align: left;"

Revision as of 15:14, 17 February 2009

As it stands, ircd-darenet has only four (4) access levels: ordinary user, local operator, global operator, administrator and network administrator. The last two are essentially global operators with a few additional privileges. This is hardly enough control, especially over some of the more advanced and powerful features, such as G-lines.

To compensate for this shortcoming, ircd-darenet includes the concept of privileges (supported by ircu since u2.10.11). Privileges are basically an arbitrarily long bit string. Access to particular features is governed by the value of a particular bit of that but string. So, in other words, privileges are a form of Access Control List. Below is a table of operator privileges currently supported by ircd-darenet.

Privilege Purpose
CHAN_LIMIT Channel limit not enforced.
MODE_LCHAN Can use mode on local channels.
WALK_LCHAN Can walk through modes on local channels.
DEOP_LCHAN Cannot be deop'd on local channels.
SHOW_INVIS Show local invisible (+i) users.
SHOW_ALL_INVIS Show all (global) invisible (+i) users.
UNLIMIT_QUERY Who queries not limited.
KILL Can use /KILL (globally).
LOCAL_KILL Can use /KILL locally only.
REHASH Can use /REHASH.
REMOTEREHASH Can use remote /REHASH.
RESTART Can use /RESTART. Password still required if set.
DIE Can use /DIE. Password still required if set.
GLINE Can use /GLINE (globally).
LOCAL_GLINE Can use /GLINE locally only.
ZLINE Can use /ZLINE (globally).
LOCAL_ZLINE Can use /ZLINE locally only.
SHUN Can use /SHUN (globally).
LOCAL_SHUN Can use /SHUN locally only.
JUPE Can use /JUPE (globally).
LOCAL_JUPE Can use /JUPE locally only.
OPMODE Can use /OPMODE and /CLEARMODE on non-registered/quarantined channels.
LOCAL_OPMODE Can use /OPMODE and /CLEARMODE on non-quarantined local channels.
SET Can use /SET.
WHOX Can use /who x.
BADCHAN Can set bad channels globally.
LOCAL_BADCHAN Can set bad channels locally only.
SEE_CHAN Can see in secret channels.
PROPOGATE Oper status is propogated.
DISPLAY "is an oper" displayed.
SEE_OPERS Can see opers that do not have the DISPLAY priv.
WIDE_GLINE Can set "wide" GLINEs.
WIDE_ZLINE Can set "wide" ZLINEs.
WIDE_SHUN Can set "wide" SHUNs.
LIST_CHAN Can list secret channels.
FORCE_OPMODE Can use /OPMODE and /CLEARMODE on registered and quarantined channels.
FORCE_LOCAL_OPMODE Can use /OPMODE and /CLEARMODE on quarantined local channels.
CHECK Can use /CHECK.
SEE_SECRET_CHAN Can see +s channels in whois replies.
WHOIS_NOTICE Can set/unset usermode +W.
HIDE_IDLE Can set/unset usermode +I.
HIDE_CHANNELS Can set/unset usermode +n.
XTRAOP Can set/unset usermode +X.
WALLUSERS Can use /WALLUSERS.
EXEMPT Can add/delete/modify entries to/on the DNSBL exemption list.
MNOTICES Can send mass/masked messages and notices.
ROUTING Can use /CONNECT and /SQUIT.
ROUTEINFO Can see the actual server a user is on, use /MAP, /TRACE, /ASLL, /LINKS and view the JUPE list.
SERVERINFO Can use /GET, /STATS, /HASH, and retrieve remote information.
UAUSPEX Can bypass user privacy (e.g. see real hosts/ips).