Opening Up Info Commands

Over the past year, a number of info commands have been opened up to all users including Defaults. Many of these commands have been said to offer no value and it’s been said that Defaults “should have no reason to use them”. However, I believe in opening up many info commands. Here I’ll explain why I believe the (minute) security risk posed from having such commands is completely overshadowed by the much larger advantage of simply fulfilling people’s curiosity when they wonder how things work.

First off, let’s establish what kind of commands are being allowed for people.

/gc offers information on RAM usage, # of entities, etc across the entire server as well as individual worlds.

/pex group can be allowed to only list the nodes which each group has. Now, people can literally know what every promotion entails without having to ask only to receive an incomplete answer.

The list goes on and on but other info commands that users can use include /mvp list, /mv list, /who, /pl, /?, etc.

Now, why focus on allowing so many info commands? Some argue that opening up info creates a lot of security holes. If someone can use /pl they might be able to tell if NCP is on or off and nuke the map, or perhaps they’d figure out some command that shouldn’t have been allowed. These are genuine threats but few people will attempt it and we can go so far as to say that actually having a vulnerability found is a really good thing.

Some of you may have heard of security through obscurity. A belief that secrecy of a design can provide security. However, realize that by hiding plugin and PEX node info, what we’re really doing is taking a security vulnerability and delaying the time until it is likely found. As of now, us staff are full of energy to quickly and efficiently respond to any security hole. We can’t exactly predict whether our responsiveness will be the same (of course responsiveness is what we wish) several months or even a couple years from now.

It didn’t take someone with info commands to realize that /break was allowed in MC1 survival when it wasn’t supposed to be. In fact, had we allowed info commands it’s probable that we could’ve dealt with /break being allowed in the wrong worlds far sooner. The command was first used during my three week break, during which no one checked the log files for commands. When the use of /break was found after the three weeks, the impact on the map’s economy was far greater than had it first been used prior to the 3 week absence when it could’ve been noticed and patched immediately. The consequences of /break occuring during my absence emulate how a decrease in responsiveness which could occur in the unpredictable future leads to a delay in addressing security holes. By allowing info commands, vulnerabilities will actually be found sooner rather than later, and that is a really good thing.

However, finding vulnerabilities is not the main reason I am in favour of info commands for all users. Instead, I believe that simply answering someone’s curiosity about how things work is more beneficial than the risk of having such commands. For every person who might try to harm the server by probing into it, there will be many others who will be able to have their questions answered in being allowed to see things such as our PEX groups or plugins. The risk for malice is virtually non-existent and as staff we could easily cover for it in the event anything happens. But remember, keeping these info commands lets people’s curiosity get satisfied. Perhaps it’s a small thing, but it is a good thing for all (curious) users.