Quote:
Originally Posted by NouveauJoueur
The exploit is that if an admin is connected, with immunity, he will be immune, but when he disconnects, his name stay into the voteban, so if someone connect with his name, he'll be immune too. I had this problem on my ba_jail server where a guy came (not for long cause I banned him) and started to free kill, no one could voteban him cause of this stolen immunity.
Edit : the game is Counter-Strike: Source
|
Edit: Are you sure about that sequence of events? 1. Immune admins cannot be voted against, and 2. the only time a user's name gets stored for voteban is when a vote is actually cast against them. I don't see any way for an immune admin's name to get stored. The voteban persistence stuff works either on IP address or Steam ID, depending on whether the client ever authenticates with a valid Steam ID. The player's name only matters as something to show in the menu, and it turns out that the menu allows multiple items with identical strings, after all.
As I said earlier, the next version of the plugin will simply not even list immune admins,
so the exploit (along with some other bugs) should be fixed or at least worked-around. I plan on having the update released tonight.