grant video filesystem access on freedom-01

FromTimeToTime · April 13, 2022 at 11:43 PM

just to be clear, i have video's blessing to make this thread. it's not a suggestion for EAOs, but a special case for him. he's currently the only one I find trustworthy, committed, and faithful enough to TF to consider recommending as an addition.

f-01 is often terrorized all through the night by exploits. sometimes we're down for hours, or just hit over and over again. meanwhile, video is always awake, cranking out new patches for scissors. but once those patches are ready to go, he lacks the authority to load them on the server. if he were trusted with FTP access, he could provide so much more value to TF, including doing that himself when others can't.

he was previously the official archivist of the server, which gave him FTP access. lately, he has sought out access again, including for his flatlands archival project, which he ended up taking into his own hands for a whole month last autumn. due to his insatiable eagerness to archive things, i suggest laying out some ground rules for his access, if that concerns you.

however, i am confident that the positives outweigh the negatives. he is extremely competent, so I don't believe he would be a significant liability security-wise. he is willing to keep on top of patches when time is of the essence, update plugins in a more timely manner, and likely provide backups the likes of which have never been seen before.

MagAgentV3 · April 13, 2022 at 11:43 PM

Vouch

mattlawn · April 13, 2022 at 11:50 PM

i vouch he can be trusted

Lunatic · April 13, 2022 at 11:52 PM

Vouch

schultz · April 13, 2022 at 11:52 PM

vouch this should have been done a long time ago it will literally speed up the process of stabilizing the server

**Alco_Rs11** · April 13, 2022 at 11:53 PM

I Vouch. This could easily rapidly speed up exploit patching and various development tasks within his scope as a developer. He's trusted by the community as well and poses no risk to server security. This also helps with those low-sleep nights where we're awake at late hours trying to keep the exploit losers who come out in the dead of night for their foul play while Video's patching said exploits. Video having file access clearly benefits everyone and the server as a whole.

Luke · April 14, 2022 at 12:23 AM

no fuck caleb

**wild1145** · April 14, 2022 at 12:33 AM

This is one of the reasons root has come onto the team. Given Steven ans myself are awake throughout the Europe timezone and rylie is us time, it's been pretty good at covering when video is online and critical patches need pushing

I'm personally reluctant to grant anyone file system access for a few reasons, one is to ensure we maintain a reasonable qa process or at least the checks and balances around it, some is around separating privileges to try to minimise risk if accounts are breached, and some are because I don't want people taking unauthorised backups / copies of the file system and potentially sharing them.

If there are examples of where this has been actively problematic that would be helpful because afaik there haven't been any recent incidents where someone couldn't apply a patch where it was absolutely critical.

**Alco_Rs11** · April 14, 2022 at 12:42 AM

Quote

↩ @'Ryan' If there are examples of where this has been actively problematic that would be helpful because afaik there haven’t been any recent incidents where someone couldn’t apply a patch where it was absolutely critical.

A recent example in which a patch took a bit to be implemented and then caused some significant damage was those minecarts that crippled flatlands. A patch was made via paper jar by Telesphoreo and Steven had to DM me to obtain access to the said jar after it was confirmed to patch the exploit, bypassing the development team procedures in its entirety because of the exploit was severe and kept bricking the server with the attackers showing no signs of stopping. This is also the same exploit where the server crashed at least a hundred times while Video and I attempted to remove them prior to the patch.

Telesphoreo · April 14, 2022 at 2:46 AM

Vouch + pterodactyl logs all file actions already right now

taah · April 14, 2022 at 3:45 AM

vouch. he needs to make more use of his no life

erin · April 14, 2022 at 10:59 AM

Quote

↩ Alco_Rs11 This is also the same exploit where the server crashed at least a hundred times while Video and I attempted to remove them prior to the patch.

fwiw the server would've crashed more than a hundred times if it were not for the fact that I had to ask Steven to turn off the autorestart script since it was immediately crashing on startup.

That's how severe this situation was, and it would've been solved much quicker had video been entrusted with this access.

uvb · April 14, 2022 at 11:05 AM

vouch. video is one of the reasons that most harmful exploits have been patched in scissors and granting him filesystem access would speed up the patching process

**wild1145** · April 14, 2022 at 11:07 AM

↩ uvb Lead developer does. Dev team should be getting them to make changes… We've never allowed developers direct access as a job role.

uvb · April 14, 2022 at 11:07 AM

↩ @'Ryan' yeah i phrased it retardedly will fix in a sec

**wild1145** · April 14, 2022 at 11:09 AM

↩ Alco_Rs11 so I was involved in this one. The issue was at the time the server was crashing nobody had the patched jar or could get hold of video… At the time video had to build the jar locally and send it to people, that's now changed and the patches since then have been much smoother.

Given rylie as the sys admin has access, Paldiu as lead Dev as well as Steven and myself, we already have people across the timezones. I'm very reluctant personally to grant more people access than is absolutely necessary and this should not be necessary now…

**lyicx** · April 14, 2022 at 12:04 PM

i vouch, geezer dont got a bad bone in his body when it comes to this server

Audlo · April 14, 2022 at 5:12 PM

Vouch

SaturnRayo · April 15, 2022 at 10:17 AM

I'll vouch. Simply put, Video is a truthworthy developer, it was noted that he did have access in the past, and let's say that if we want to go to the exploits zone, then he is the most notable developer who patches them, as a simple tf operator like me can see. If this will make the whole process faster and there's no harm then why shouldn't he be given access?

erin · April 15, 2022 at 10:56 AM

I vouch - whilst we currently have a number of people across different timezones none or as active around the server and it's community as video is.

From what I can gather the rest of development is at a complete standstill whilst video has been absolutely instrumental in patching critical and severe exploits related to spawn eggs. Exploits that would not have been a problem were it not for mistakes made during the previous update that, due to the current methodology, have yet to be rectified.