Carnevil

Should the ConsoleCommand ACS function be removed?

Should the ConsoleCommand ACS function be removed from Skulltag?  

17 members have voted

  1. Should the ConsoleCommand ACS function be removed from Skulltag?

    • Yes, evil mappers can exploit it to do horrible things to me!
      0
    • No, but it needs some changes so certain holes cannot be exploited.
      7
    • No, the benefits of ConsoleCommand greatly outweigh the possible damage that could be caused by it (if any).
      1



There's been some debate over on the ZDoom forums (in this thread) as to whether or not it's a good idea to have a ConsoleCommand ACS function. For those of you who don't know, ConsoleCommand is a function callable by scripts that basically "types" whatever the command says into the console. This can be used to set fraglimits, add bots, remove bots, all kinds of different things. Of course, this could also be used to DESTROY THE WORLD.

Anyway, go ahead and vote, and debate to your heart's content.


The original reason I put ConsoleCommand in in the first place was so that I could set up botmatches. The console command function would set up a bunch of dmflags, spawn bots (with a delay), etc. I didn't set it up so that I could spawn frivolous test messages; that's just simply a display of the power of the command.

Anyway, it's not too late. Skulltag is still in beta. I can remove the command. Is this what you want? Go vote on this thread.

It would be better to use setcvar(str var, str content) for that, getcvar() is already in ;-)
Or to restrict it, add dmflags(int newdmflags).


No, there are many benefits this function can add. Other lumps and functions can potentially mess up the user if used for evil purposes, this shouldn't be removed because of that.

Hirogen2 said:

It would be better to use setcvar(str var, str content) for that, getcvar() is already in ;-)
Or to restrict it, add dmflags(int newdmflags).

Perhaps.


regardless of trust or not, generally when a program has the possibility to screw up something on the user end from more than just a crash (ie by another user, indirectly here via a map) then you don't leave it in a hope for the best, it's like finding a buffer overflow somewhere and saying "oh well, nobody will exploit that", it's just a horrible practice and awful software design

btw I think the choices are a bit biased in this poll :P

edit: here's an example of a malicious use

script 1 OPEN {
   consolecommand("logfile dump.txt");
   while(1) consolecommand("dumpclasses");
}
what that does is dump to a text file which after a bit will get pretty huge (a single dump of 'dumpclasses' is 12kb), thusly filling up one's hard disk. Note you can also dump to any directory, so you aren't confined to the working directory and you can hide it pretty much anywhere. You also aren't limited to .txt filenames, and ZDoom does not check if the file you choose to dump to already exists. So if one were so inclined, one could change dump.txt to a list of system files (which are consistent on every Windows machine) and overwrite them all. Not that anybody would do that sort of thing.


[15:42] <@arioch> there should be a list of commands marked
                  safe for consolecommand
[15:42] <@arioch> and only those would be allowed
[15:42] <@Cyb> yeah someone suggested that but the argument is that
               some commands that could be used For Evil could also
               be used For Good
[15:43] <@Cyb> so you're limiting people again
[15:43] <@arioch> from a security standpoint
[15:43] <@arioch> the only commands that can be trusted
[15:43] <@arioch> are those that CAN'T be used for evil
[15:43] <@arioch> this should be the primary concern


dude if you want to run bots via acs just make some bot acs functions


I see. Hmm, well I reset the fields, adding a "console command needs to be edited so certain holes can't be exploited" field.


Leave it in - not only can it be used to add bots, enable/disable cheats (which could be very useful - for a start you could have invincibility without that awful white screen, or make powerups last a different time to the fixed length) it could also be used to turn fast monsters on/off (for a one-off challenge or something) or stop you from jumping for a short while etc. etc.

Besides, there's no real gain to abusing it, and anyone actually wanting to could just be brutally ignored and shamed for doing so.

In fact, I should start a campaign to get it put into normal ZDoom...


Alright, well it has been left in. I have barred it from calling certain commands (alias, logfile, etc.) that could be used maliciously. Further changes will be made in future versions to prevent any kind of "evil" use of ConsoleCommand.
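
Added example, not part of the thread and not Skulltag's or ZDoom's code: the deny-list described in the last post (only the two names it gives, alias and logfile) next to the allow-list proposed in the IRC excerpt, as a gate a script-issued command line would pass through. The allow-list contents, the function names, ';' as a command separator and case-insensitive command names are assumptions.

```cpp
#include <algorithm>
#include <cctype>
#include <iostream>
#include <set>
#include <sstream>
#include <string>
#include <vector>

// Hypothetical allow-list built from the uses named in the thread (bots, fraglimit, dmflags).
static const std::set<std::string> kScriptSafe = {"addbot", "removebots", "fraglimit", "dmflags"};
// Deny-list holding only the two commands the last post names.
static const std::set<std::string> kDenied = {"alias", "logfile"};

// Split a line on ';' (assumed separator) and return each command's first
// word, lower-cased (command names assumed case-insensitive).
static std::vector<std::string> CommandNames(const std::string &line) {
    std::vector<std::string> names;
    std::stringstream parts(line);
    std::string part;
    while (std::getline(parts, part, ';')) {
        std::istringstream words(part);
        std::string name;
        if (!(words >> name)) continue;  // empty segment
        std::transform(name.begin(), name.end(), name.begin(),
                       [](unsigned char c) { return static_cast<char>(std::tolower(c)); });
        names.push_back(name);
    }
    return names;
}

// Deny-list: permitted unless some command on the line is a known-bad name.
bool DenylistPermits(const std::string &line) {
    for (const auto &n : CommandNames(line))
        if (kDenied.count(n)) return false;
    return true;
}

// Allow-list: permitted only if every command on the line is known-safe.
bool AllowlistPermits(const std::string &line) {
    const auto names = CommandNames(line);
    if (names.empty()) return false;
    for (const auto &n : names)
        if (!kScriptSafe.count(n)) return false;
    return true;
}

int main() {  // constructed sample lines
    for (std::string cmd : {"addbot; fraglimit 20", "dumpclasses", "addbot; LogFile dump.txt"})
        std::cout << cmd << " -> deny-list:" << DenylistPermits(cmd)
                  << " allow-list:" << AllowlistPermits(cmd) << "\n";
}
```

dumpclasses passes this two-entry deny-list but fails the allow-list, which is the gap a deny-list leaves for every command nobody thought to list. A ';' inside a quoted argument is over-split here, which only makes the allow-list reject more.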
