Forum

Results 1 to 11 of 11
  1. #1
    Join Date
    July 2013
    Location
    Russian Siberia
    Posts
    27

    Question Why server admin settings by default, can delete the user Server Query Admin?

    Why server admin settings by default, can delete the user Server Query Admin?
    Need use b_client_delete_dbproperties, List all clients -> search -> delete client.
    Why is it so easy? is security.
    Maybe you should do to protect Server Query Admin from being deleted?
    Last edited by rteam; April 17th, 2014 at 11:35 PM.

  2. #2
    Join Date
    January 2010
    Location
    Secret Base in Arctic Region
    Posts
    1,671
    Are you or someone else in said group? (ASQ)
    Normally the "serveradmin" shouldnt be listed to regular users.

  3. #3
    Join Date
    July 2013
    Location
    Russian Siberia
    Posts
    27
    Normally the "serveradmin" shouldnt be listed to regular users.
    I know.
    I think it's wrong. Server admin should not have default permission to delete user ServerQuery

  4. #4
    Join Date
    January 2010
    Location
    Secret Base in Arctic Region
    Posts
    1,671
    Do you try this in the client or using a external tool or web interface?
    If me tries it with our "Direktorium" group (which has more perms than the default serveradmin group), me doesnt see the user "serveradmin" in the client, not even after search.

  5. #5
    Join Date
    July 2013
    Location
    Russian Siberia
    Posts
    27
    In Client Teamspeak 3, admin server go to List all clients -> search (enter id or nickname SQA) -> delete client.
    ! If SQA online u can't delete him.

  6. #6
    Join Date
    April 2011
    Location
    Germany
    Posts
    1,266
    On a server with proper and even standard rights this isn't possible. So I suppose you haven fumbled in your server rights... and therefor self created this possibility...

  7. #7
    Join Date
    July 2013
    Location
    Russian Siberia
    Posts
    27
    Quote Originally Posted by Barungar View Post
    On a server with proper and even standard rights this isn't possible. So I suppose you haven fumbled in your server rights... and therefor self created this possibility...
    you tried? please check
    download Server *-bit 3.0.10.3 and test
    1. install server
    2. use key -> add u server admin
    3. add SQA
    4. give another client SA
    5. SQA disconnect
    6. SA: List all clients -> search (enter id or nickname SQA) -> delete client.
    7. Connetc SQA
    you still have a group SQA?
    Last edited by rteam; April 20th, 2014 at 10:50 AM.

  8. #8
    Join Date
    April 2011
    Location
    Germany
    Posts
    1,266
    Yeah, I have done exactly this... I installed a fresh ts3 server.
    Now I have a fresh server with me being "server admin"... there is no possible chance for this "server admin" to edit, add or interact with the "sever query admin". So explain your "add SQA"...

  9. #9
    Join Date
    July 2013
    Location
    Russian Siberia
    Posts
    27
    I wrote in detail
    .1.2.
    3. add SQA
    use u login and password
    I use telnet
    telnet localhost 10011
    login serveradmin password -> Enter
    use sid=1 -> Enter
    servergroupaddclient sgid=2 cldbid=2 -> Enter
    ! sgid=server group ID, cldbid= client database ID
    ok, u have SQA
    .4.5.6.7.
    you still have a group SQA?

  10. #10
    Join Date
    April 2011
    Location
    Germany
    Posts
    1,266
    Quote Originally Posted by rteam View Post
    I wrote in detail
    .1.2.
    3. add SQA
    use u login and password
    I use telnet
    telnet localhost 10011
    login serveradmin password -> Enter
    use sid=1 -> Enter
    servergroupaddclient sgid=2 cldbid=2 -> Enter
    ! sgid=server group ID, cldbid= client database ID
    ok, u have SQA
    .4.5.6.7.
    you still have a group SQA?
    Quote Originally Posted by Barungar View Post
    On a server with proper and even standard rights this isn't possible. So I suppose you haven fumbled in your server rights... and therefor self created this possibility...
    As I said before... you "fumbled" with the servers rights. It is absolutely not supported and never ever advised to add any user beside "serveradmin" to that group. Everything that happens after this operation is not supported... so you basicly destroyed any security that was previous available by that act.

    And yes, the "serveradmin" can do such things, because he is the serveradmin. As root on any unix based system can also do many, many foolish thing. The difference is a "real" root or serveradmin wouldn't do that... so there is no security issue beside yourself.

  11. #11
    Join Date
    January 2010
    Location
    Secret Base in Arctic Region
    Posts
    1,671
    What Barungar said. And me asked first if you or someone else is in the ASQ (Admin Server Query) Group, then of course its possible and no bug or security flaw and such.
    And yes, its not supported from Teamspeak Systems GmbH to add regular users to Query Groups.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Replies: 1
    Last Post: July 20th, 2015, 02:25 PM
  2. Send message from user to admin server query
    By Mannsinn in forum Permission System
    Replies: 3
    Last Post: October 28th, 2013, 09:53 PM
  3. I delete serveradmin from Admin Server Query group
    By p1kox in forum Permission System
    Replies: 2
    Last Post: January 16th, 2013, 08:10 AM
  4. User cannot send a message to admin server query
    By Kugelhai in forum Permission System
    Replies: 1
    Last Post: October 9th, 2012, 10:49 AM
  5. Server Admin can't move Admin Server Query user?
    By dmaxel in forum Client Support
    Replies: 3
    Last Post: February 4th, 2011, 08:26 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •