Why are * permissions bad (e.g. essentials.*, cmi.*, or of course, the classic, * by itself)?
I am on the * are bad side of this fence but I often find myself trying to help out on servers that are addicted to the *. I need to be able to articulate in a non-admin sort of way why we don't want to use them. In short, my own reasons are this: It's bad code. You don't know what you are doing when you enable everything, and by enabling everything, you almost certainly create unintended side effects, like excluding admins who also want to experience the game from gameplay elements. But that's a mouthful, and I feel like there are far better, and far more critical, reasons why * permissions should be avoided.
Or am I a big old dummy and wrong here?
searchable keyword(s): wildcard permissions
12 Replies
Even though it's sponge related, I've found that https://nucleuspowered.org/docs/nowildcard.html retails it really well.
I've not heard that .* permissions should be avoided. Only ever to not give the * permission.
Giving plugin.permission.* is fine, as long as you're familiar with all of the permissions that gives a player.
The wildcard permission is like taking at once all the pills that had ever existed. Sure, taking one or two helps you when you are sick, but taking all of them will kill you.
Using .* is okay depending on the plugin that it comes from and if you are 100% certain of everything it gives players. The main * should be avoided at all costs as it can and will mess with things. I generally try to avoid all forms of .* and just specifically set what players should have.
I appreciate the quick replies and the link here. I feel like any server manager wildcard should be avoided because it tends to include a lot of "Exclude this player from X" (AFK detection for example, among other things). I guess that is really summed up by the "Don't give a player Pluginname.* unless you know what permissions are being given"
I mean, it has its uses.
For instance, my anticheat has a permission, anticheat.bypass.checkName
if you want to exempt a player from all checks, you can do bypass.*, which is very useful
but yeah, use it sparingly
but honestly, does using a wildcard perm save you that much time?
today, with luckperms gui and all that, you can literally copy and paste permission nodes
For an anticheat with 150+ checks, yeah
this is a very specific scenario, but you can abstract it to other uses
Well I think the deeper down the tree a wildcard is the less harm it can do, because it's only applying to a specific subsection, so I'm alright with those (again, as long as the person assigning it actually knows what they are doing)
Context: I came in to help set up permissions on a server where someone had already started, and, had used a lot of *'s
Also the least privilege principle exists, which not only applies to Minecraft, but basically everywhere on servers
Least Privilege Principle is something I always live by in the IT world.
That's a great way to explain it (to my friends) as well
Does anyone have a more bukkit/spigot based link explaining why * is bad? I'll also try to do some searches to find one. I only worry that the mentions of it being about Nucleus and Sponge will undercut it if they think it's not actually relevant to bukkit/spigot/paper etc.
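
Added example, not part of the thread: a small audit that expands each granted entry against a list of registered nodes and flags the "exclude this player from X" nodes a wildcard pulls in, which also shows why a wildcard deeper in the tree covers less. Every node name in the registry is constructed and hypothetical, and the matching rule (a trailing `.*` covers every node under that prefix, a bare `*` covers everything) and the `exempt`/`bypass` markers are assumptions, not the behaviour of any particular permissions plugin.

```python
# Constructed registry: every node below is hypothetical, not taken from a real plugin.
REGISTERED_NODES = [
    "exampleplugin.home",
    "exampleplugin.home.set",
    "exampleplugin.afk.exempt",
    "exampleplugin.teleport.cooldown.bypass",
    "anticheat.bypass.speed",
    "anticheat.bypass.fly",
    "anticheat.notify",
]

# Assumed markers for nodes that exclude the holder from a game mechanic or check.
EXCLUSION_MARKERS = {"exempt", "bypass"}


def grant_matches(grant, node):
    """True if a granted entry covers a node (assumed prefix-wildcard semantics)."""
    if grant == "*":
        return True
    if grant.endswith(".*"):
        return node.startswith(grant[:-1])  # keep the trailing dot: "a.b."
    return grant == node


def expand(grants, registry=REGISTERED_NODES):
    """Return the sorted registered nodes that the grants actually give."""
    return sorted(n for n in registry if any(grant_matches(g, n) for g in grants))


def audit(grants, registry=REGISTERED_NODES):
    """Per grant: how many nodes it covers and which of them are exclusion nodes."""
    report = {}
    for g in grants:
        covered = [n for n in registry if grant_matches(g, n)]
        flagged = [n for n in covered if EXCLUSION_MARKERS & set(n.split("."))]
        report[g] = {"covered": len(covered), "exclusions": flagged}
    return report


if __name__ == "__main__":
    # Widest to narrowest grant: the covered count and the flagged list both shrink.
    for grants in (["*"], ["exampleplugin.*"], ["anticheat.bypass.*"], ["exampleplugin.home"]):
        print(audit(grants))
```

To use it on a real server, replace the registry with the node list your plugins actually register.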