Bug? - users that are not my userlist can d/load

Submitted by secretsquizza on Thu, 08/11/2011 - 11:43
Forums: 
Soulseek General Discussion

Not much more to say on this one.

All of my shared files are marked as shared to userlist only and my userlist is very small ATM as its very difficult to add a user (think they need to be online and in a room - that's the only place i can find to right-click and add user to list).

I noticed 2 or 3 users that aren't on my list were able to download files.

These may have been people on my old userlist that had files queued before i switched client? That's a guess btw.

Submitted by Nir on Thu, 08/11/2011 - 16:00.

You're probably right that these are files that were queued while you were using the other client. Sharing permissions are currently only checked when returning search results and when others browse your share. In most any real-world situations this should be enough to make sure no one downloads what they shouldn't, but I'll definitely add a download time check as well later on.

Submitted by secretsquizza on Thu, 08/11/2011 - 23:55.

That would be good if you could tighten this up a bit, as i think if someone browses your shares and start to queue millions of files they can still queue stuff even after you've removed them from userlist (if they leave the browse window open), so the only way i've found to stop them is to ban them, which you don't always want to do!

A check before each download would be ideal!

Submitted by secretsquizza on Wed, 08/17/2011 - 09:57.

Been using the new client for a while now and I've had one user who is not on my userlist (was banned on my old client install) who has been able to download from me. Is there anyway to ban on the new client? He's a total leech and (it seems) that you can have concurrent uploads so he just queues 100s of files and noone else can get any. Causing me quite a problem and I may need to switch back to the old client.

Submitted by Nir on Wed, 08/17/2011 - 15:20.

Let me see what I can do about adding a download-time permissions check for the next release. I'm doing a lot of distributed search network work and the client is not in a usable enough state for release right now, so I can't rush it. Sorry for the hassle.

Submitted by secretsquizza on Wed, 08/17/2011 - 22:48.

Whatever you can do to help would be great. Really appreciate your efforts.