From bf7db13f019e3077668b404ecb51f584fbcc1cf1 Mon Sep 17 00:00:00 2001
From: Valentin Lorentz <progval+git@progval.net>
Date: Wed, 31 Jul 2019 23:00:55 +0200
Subject: [PATCH] Disallow mutating commands in Aka/Alias/Scheduler by default.

It's too easy to abuse these commands when owners don't know they have to set
the appropriate anticapabilities; so let's set the anticapabilities by default.
---
 src/ircdb.py | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/src/ircdb.py b/src/ircdb.py
index a16c9f129..b570352f7 100644
--- a/src/ircdb.py
+++ b/src/ircdb.py
@@ -1175,7 +1175,13 @@ class DefaultCapabilities(SpaceSeparatedListOfCapabilities):
             self.value.add('-owner')
 
 conf.registerGlobalValue(conf.supybot, 'capabilities',
-    DefaultCapabilities(['-owner', '-admin', '-trusted'], """These are the
+    DefaultCapabilities([
+        '-owner', '-admin', '-trusted',
+        '-aka.add', '-aka.set', '-aka.remove',
+        '-alias.add', '-alias.remove',
+        '-scheduler.add', '-scheduler.remove',
+    ],
+    """These are the
     capabilities that are given to everyone by default.  If they are normal
     capabilities, then the user will have to have the appropriate
     anti-capability if you want to override these capabilities; if they are