Moderators can IP ban Admins


(Karl Romanowski) #1

Moderators have access to the Screened IPs admin area and can block the IP address of an Admin, preventing admin login. The admin sees “There is a problem with your account. …”

Expected: Moderators should either not have access to edit Screened IPs, or Admin account logins should not be blocked by Screened IPs.


(Jeff Atwood) #2

Or… maybe admins should be l33t enough to use a VPN to get back in!!! :crazy_face:


(Mittineague) #3

I was thinking about how this might have happened; I’m assuming it was not intentional.

Admin has IP Screened IPs as “allow”
Moderator / System identifies a bad actor using the same IP, Admin IP gets netted in a roll-up

AFAIK, the Screened IPs that have “allow” take precedence over “block”. I may be wrong about this, but I really don’t think so. (I’ll poke around in some code)


(Sam Saffron) #4

This is such an edge case I am not super enthused about prioritizing, especially since admins usually have 2 devices and can just switch to phone if they messed stuff up. Or even just SSH in and fix via console.

You are describing a security hole where a moderator goes rogue and blocks admins, however they do not escalate privileges just make life a bit more annoying for admins.

Giving admins a free pass around screened IPs is not going to happen.

  • I am sort of open to having a sanity test that makes sure you do not block yourself when blocking an IP

  • I am open to possibly making an extra sanity test that makes sure no staff have the IP to the best of our knowledge prior to adding an IP or range.

Moving this to feature request, I do not see this as a bug.


(Karl Romanowski) #5

Sounds good. I should have just worded my post as a question: if all admins get IP banned, say every IP in the city/area, what’s the easiest way to undo that?


(Sam Saffron) #6
./launcher enter app
rails c
ScreenedIpAddress.where("ip_address >>= inet '100.1.0.1'").destroy_all

replace 100.1.0.1 with whatever IP
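The two sanity tests Sam floats in post #4 (don't block your own IP, check that no known staff IP falls inside a range before adding it) and the console cleanup in post #6 (find every screened entry whose range contains a given address, which is what the `>>=` inet containment query does) are both range-membership checks. The Ruby below is an added example, not Discourse's own code: it models the screened-IP table as a constructed array of hashes (the real model is `ScreenedIpAddress`), and the function names `entries_covering`, `staff_caught_by` and `unblock` are the example's own, not Discourse APIs.

```ruby
require "ipaddr"

# Constructed stand-in for the Screened IPs table (not the real ScreenedIpAddress
# model). Entries are either single hosts or CIDR ranges, each with an action.
SCREENED = [
  { ip: "100.1.0.0/16",    action: :block },
  { ip: "203.0.113.7",     action: :block },
  { ip: "198.51.100.0/24", action: :allow },
].freeze

# All entries whose host/range contains +ip+: the same containment test as the
# `ip_address >>= inet '...'` query in post #6, done in Ruby with IPAddr.
def entries_covering(ip, screened = SCREENED)
  addr = IPAddr.new(ip)
  screened.select { |e| IPAddr.new(e[:ip]).include?(addr) }
end

# Pre-add sanity test from post #4: before a block entry for +range+ is saved,
# return every IP (the requester's own and any known staff IP) the range would
# catch. An empty result means the entry does not lock out the requester or staff.
def staff_caught_by(range, requester_ip:, staff_ips: [])
  net = IPAddr.new(range)
  ([requester_ip] + staff_ips).uniq.select { |ip| net.include?(IPAddr.new(ip)) }
end

# Equivalent of the console recovery in post #6: drop every entry covering +ip+.
# Note that, like destroy_all on that query, this removes matching "allow" entries too.
def unblock(ip, screened = SCREENED)
  addr = IPAddr.new(ip)
  screened.reject { |e| IPAddr.new(e[:ip]).include?(addr) }
end

if $PROGRAM_NAME == __FILE__
  puts "covering 100.1.0.1: #{entries_covering('100.1.0.1').map { |e| e[:ip] }.inspect}"
  puts "blocking 100.1.0.0/16 would catch: " \
       "#{staff_caught_by('100.1.0.0/16', requester_ip: '100.1.2.3', staff_ips: ['198.51.100.9']).inspect}"
  puts "after unblock: #{unblock('100.1.0.1').map { |e| e[:ip] }.inspect}"
end
```

In a real implementation the staff-IP list would come from the last-known IPs of admin and moderator accounts, so `staff_caught_by` is only as good as that data; that is the "to the best of our knowledge" caveat in post #4.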