UniAdmin [0.7.6] Released

Support and feedback for UniAdmin

UniAdmin [0.7.6] Released

Postby jffire » Fri Mar 30, 2007 4:45 am

I know that, but meanwhile there must be some php code modif I can do to correct that meanwhile. Only if you have time though. Cause that mod is really used by guildies to organize raids and runs.

Thanks
User avatar
jffire
WR.net Apprentice
WR.net Apprentice
 
Posts: 30
Joined: Wed Jul 26, 2006 8:38 pm

Re: UniAdmin [0.7.6] Released

Postby Jabouty » Sat Mar 31, 2007 10:39 pm

I noticed that the new UU (2.6.4) allows for UA to tell it to delete certain addons. How does one use this functionality in UA, or is it implemented in 0.7.6 yet?

Sorry if this is a total newbsauce question...

Jab
Last edited by Jabouty on Sat Mar 31, 2007 10:40 pm, edited 1 time in total.
User avatar
Jabouty
WR.net Apprentice
WR.net Apprentice
 
Posts: 60
Joined: Thu Dec 28, 2006 6:22 pm

UniAdmin [0.7.6] Released

Postby zanix » Sun Apr 01, 2007 3:32 am

Jabouty wrote:I noticed that the new UU (2.6.4) allows for UA to tell it to delete certain addons. How does one use this functionality in UA, or is it implemented in 0.7.6 yet?

Sorry if this is a total newbsauce question...

Jab

This functionality is not in 0.7.6
It will be in UA 0.7.7
Read the Forum Rules, the WiKi, and Search before posting!
WoWRoster v2.1 - SigGen v0.3.3.523 - WoWRosterDF
User avatar
zanix
Admin
Admin
WoWRoster.net Dev Team
WoWRoster.net Dev Team
UA/UU Developer
UA/UU Developer
 
Posts: 5543
Joined: Mon Jul 03, 2006 8:29 am
Location: Idaho Falls, Idaho
Realm: Doomhammer (PvE) - US

Re: UniAdmin [0.7.6] Released

Postby fubu2k » Mon Apr 02, 2007 3:36 pm

blacklisted extensions should be the following ones:

exe,com,jar,vbs,bat,cmd,js,scr,reg,vbe,eml,lnk,pif,wsh,xls,chm
fubu2k
WR.net Apprentice
WR.net Apprentice
 
Posts: 6
Joined: Tue Oct 10, 2006 3:25 pm

UniAdmin [0.7.6] Released

Postby foreseit » Mon Apr 02, 2007 7:48 pm

What shall we do with cartographer that has 1 bat file?
<a href="thehateguild.com"><img src="/anetheron/addons/siggen/sig.php?name=Foreseit"></a>
User avatar
foreseit
WR.net Journeyman
WR.net Journeyman
 
Posts: 139
Joined: Tue Jul 25, 2006 10:03 pm

Re: UniAdmin [0.7.6] Released

Postby MattM » Tue Apr 03, 2007 6:55 am

fubu2k wrote:blacklisted extensions should be the following ones:

exe,com,jar,vbs,bat,cmd,js,scr,reg,vbe,eml,lnk,pif,wsh,xls,chm


this is what UU 2.6.4 uses:

Code: Select all
      public string[] fileBlacklist = {
                                 ".ade",
                                 ".adp",
                                 ".bas",
                                 ".bat",
                                 ".chm",
                                 ".cmd",
                                 ".com",
                                 ".cpl",
                                 ".crt",
                                 ".doc",
                                 ".eml",
                                 ".emf",
                                 ".exe",
                                 ".hlp",
                                 ".hta",
                                 ".inf",
                                 ".ins",
                                 ".isp",
                                 ".jar",
                                 ".js",
                                 ".jse",
                                 ".lnk",
                                 ".mdb",
                                 ".mde",
                                 ".msc",
                                 ".msi",
                                 ".msp",
                                 ".mst",
                                 ".pcd",
                                 ".pif",
                                 ".ppt",
                                 ".py",
                                 ".rar",
                                 ".reg",
                                 ".scr",
                                 ".sct",
                                 ".sh",
                                 ".shs",
                                 ".url",
                                 ".vbs",
                                 ".vbe",
                                 ".wsf",
                                 ".wsh",
                                 ".wsc",
                                 ".xsl"
                                   };
MattM
UA/UU Developer
UA/UU Developer
Gimpy Developer
Gimpy Developer
 
Posts: 886
Joined: Tue Jul 04, 2006 9:53 pm
Location: USA

UniAdmin [0.7.6] Released

Postby gorgeth » Tue Apr 03, 2007 8:22 am

The list should *not* exist inside of UU at all.. unless somewhere in the settings the extensions can be changed (which they currently cannot)

This sudden desire to "secure" an inherently unsecure system .. it makes less than no sense really..

If i have control over the end user to the point where I can get him to install what I want, and visit a webpage, and download and install items.. the blacklist/whitelist debate here is nothing but a headache for both admins and end users.

Especially retarded in THAT list of files is that it includes .doc, .url, hlp, and bat files.. ALL of which are routinely included with addons.. especially the more complicated addons that users will have more trouble installing vs the simple drop in set it and forget it types that you seem to be focused on..

The blacklist ONLY needs to exist in one place (admin side) and not user side.. and thus should be removed from UU.. this is just gonna become a lovely fork "the working UU" and the "official" UU.

So lets drop the nonsense now and go back to what has worked for the last 2 years ..
User avatar
gorgeth
WR.net Apprentice
WR.net Apprentice
 
Posts: 26
Joined: Tue Jul 04, 2006 4:57 pm

Re: UniAdmin [0.7.6] Released

Postby Shadowsong » Tue Apr 03, 2007 1:18 pm

gorgeth wrote:The list should *not* exist inside of UU at all.. unless somewhere in the settings the extensions can be changed (which they currently cannot)


exactly my thoughts...
User avatar
Shadowsong
WR.net Apprentice
WR.net Apprentice
 
Posts: 32
Joined: Wed Feb 14, 2007 2:39 pm

UniAdmin [0.7.6] Released

Postby zanix » Tue Apr 03, 2007 2:39 pm

exe, bat, scr, and jar have ALWAYS been blacklisted in UU for as long as I can remember

You have always had the option to compile and re-distribute UU for your own uses, I know this can be a pain...

The other solution is to have UA control what is in the zip file
The only surefire way to do this is to repack addons when they are processed.
This takes a hit on upload time since the addon (which already has to be unpacked) would have to be scanned, the repacked on the server
This would hurt the ability to install multiple WoWAce addons which is already timing out at around 6 (on my server)

UU has this list so that UA doesn't have to repack addon files
It may be conceivable to have UU download the current blacklist from the UA install it syncs with
Read the Forum Rules, the WiKi, and Search before posting!
WoWRoster v2.1 - SigGen v0.3.3.523 - WoWRosterDF
User avatar
zanix
Admin
Admin
WoWRoster.net Dev Team
WoWRoster.net Dev Team
UA/UU Developer
UA/UU Developer
 
Posts: 5543
Joined: Mon Jul 03, 2006 8:29 am
Location: Idaho Falls, Idaho
Realm: Doomhammer (PvE) - US

Re: UniAdmin [0.7.6] Released

Postby mmaura » Tue Apr 03, 2007 5:47 pm

to upload correctly somes Ace2 addons like bigwigs and furbar, i mus t add .2 and .1, and .0 extention allowed.

UniAdm seen to interpret directory like files

Code: Select all
define('UA_ALLOW_ADDON_FILES' , 'lua,toc,txt,tga,blp,ttf,xml,wav,mp3,nopatch,bak,2,1,0');


mmaura
WR.net Apprentice
WR.net Apprentice
 
Posts: 3
Joined: Tue Oct 24, 2006 5:05 pm

UniAdmin [0.7.6] Released

Postby Shadowsong » Tue Apr 03, 2007 7:11 pm

I don't really care if UA or UU checks the extensions... or both... but it must be configurable! One other soloution for UU is a Wildcard... in example for cartographer...

Edit: It would be nice to do this in UA (checkbox for a addon that should be on the wildlist)
Last edited by Shadowsong on Tue Apr 03, 2007 7:12 pm, edited 1 time in total.
User avatar
Shadowsong
WR.net Apprentice
WR.net Apprentice
 
Posts: 32
Joined: Wed Feb 14, 2007 2:39 pm

UniAdmin [0.7.6] Released

Postby MattM » Tue Apr 03, 2007 7:40 pm

inherintly insecure as these tools may be, we try to do as much as possible to lower the risk at all.

Discontinuing this approach to insecurety would be ignorance.

As far as it being a headache for people, were doing all we can to lower the intensity of said headaches. Such as the change in UU to simply not extract the files which are blacklisted AND not causing an endless update cycle for that particular addon.

I suggest UA do a similar thing - dont deny an addon edition because of a blacklisted file, but instead neglect the file's row in the file table.
MattM
UA/UU Developer
UA/UU Developer
Gimpy Developer
Gimpy Developer
 
Posts: 886
Joined: Tue Jul 04, 2006 9:53 pm
Location: USA

UniAdmin [0.7.6] Released

Postby zanix » Wed Apr 04, 2007 8:34 am

Currently UA doesn't modify the zip file ever doing so would cause too much CPU utilization IMO

What UA does is not put the file information in the database so UU doesn't try to scan the file
Read the Forum Rules, the WiKi, and Search before posting!
WoWRoster v2.1 - SigGen v0.3.3.523 - WoWRosterDF
User avatar
zanix
Admin
Admin
WoWRoster.net Dev Team
WoWRoster.net Dev Team
UA/UU Developer
UA/UU Developer
 
Posts: 5543
Joined: Mon Jul 03, 2006 8:29 am
Location: Idaho Falls, Idaho
Realm: Doomhammer (PvE) - US

UniAdmin [0.7.6] Released

Postby Shadowsong » Thu Apr 05, 2007 4:12 am

How ever... it must be possible, to make cartographer available to UU! otherwise we have to compile our own UU... But that is a bad bad way... I'd really prefer the wildcard feature.
User avatar
Shadowsong
WR.net Apprentice
WR.net Apprentice
 
Posts: 32
Joined: Wed Feb 14, 2007 2:39 pm

UniAdmin [0.7.6] Released

Postby sturmy » Thu Apr 05, 2007 1:43 pm

cartographer (and bigwigs) ARE functional and able to be distributed through UU even with the default filters. What is NOT distributed is the .bat file that transforms the addon into Load on Demand addons. No Biggie.

I've been distributing cartographer, oRA2 and BigWigs "as they come from WoWAce" through UU and UA without modification.

It is healthy that by default some extensions are excluded. What would be wishable is to "tick" which files are known safe (not extensions per se). I mean, the .bat file of Carto might be approved but not "just any other .bat". Since MD5s are generated for each file to check their changes, that could be workable. But overly complex.

IMHO it's OK the way it is, although it could be better.
sturmy
WR.net Expert
WR.net Expert
 
Posts: 160
Joined: Wed Aug 16, 2006 9:07 pm

PreviousNext

Return to UniAdmin

Who is online

Users browsing this forum: No registered users and 0 guests

cron