egghelp/eggheads community

Eggdrop Security Guidelines ?

2002-08-28T07:06:37-04:00

I find that generally you are fairly safe as long as you treat your lists carefully. You don't have to handle your own memory so there is no danger of buffer overflows. As far as enabling/disabling anything is concerned... well no, there isn't much there either.

Remember that []'s are dangerous.. if you write a script badly, someone could be able to trigger it with [command] and your bot would execute the command. My advice for learning tcl is to test everything out in the partyline using the ".tcl" command and seeing what results you get. Also once you have written a script, try triggering it using [putlog "Hole here!"].
if there is a hole, you should see (in the partyline) "Hole here!"

Good luck, and I'll be around if you need assistance.

Statistics: Posted by Guest — Wed Aug 28, 2002 7:06 am

Eggdrop Security Guidelines ?

2002-08-27T11:16:06-04:00

I guess http://www.soft.net.uk/staffs/eggdrop/characters.html would be a good start
along with some of the tutorials at http://www.egghelp.org/

Statistics: Posted by Papillon — Tue Aug 27, 2002 11:16 am

Eggdrop Security Guidelines ?

2002-08-27T10:25:54-04:00

Hello Community,

You have all been great help so thank you.

I wanted your thoughts on secure programming for eggdrop. Things you shouldnt do, how to avoid buffer overruns, a reliable template for procedures, data verification, things to enable and disable... The idea being to build a list of best practice eggdrop programming.

People can then follow the list and avoid most of the pitfalls they might otherwise fall into. You have had years of programming so are there somethings you wouldnt do when programming a bot? Are there some links to good security information when programming tcl?

Anything would be a help

Regards

BK

Statistics: Posted by Guest — Tue Aug 27, 2002 10:25 am