Functionality
QLAD is written to be a server-side addition to game servers such as Quake 3 or Half-Life. It provides remote console
administration and interaction through a specialized client program, as well as player stat tracking and persistence, a
customizable scripting language, and server configuration management. Statistics can optionally be kept in a database
table suitable for website design, thereby providing web-accessible stats. Scripts can be modified or written to give
designated in-game admins the power to perform very specific actions, such as altering friendly-fire modes, kicking or
banning players for pre-set times, or even running an admin chat channel. Any event on a server (kill, death, streak, a
line said that matches a pattern, join, quit, health or armor change, etc.) can be mapped to any number of actions in
return, such as: make a player glow, give a team health, add to a custom statistic, unlock a player command, show a
message, make a player bind, and even shut down the server.

Security
QLAD was written with security in mind. In the initial setup, QLAD only accepts connections from localhost; other hosts
must be explicitly allowed before they can even connect. The code handling the socket communications has been repeatedly
checked for security issues (buffer overflows, format string exploits, etc.), and the rest of the code was written with
these in mind as well. Any questionable code is typically commented with an explanation of why it is not exploitable.

Within the protocol for communicating with clients, the user's password is always encrypted, and optionally the entire
connection is encrypted as well (using Blowfish), in which case the password is doubly encrypted. The TCP/IP socket that
the Half-Life plugin uses to communicate with QLAD listens only on localhost and outputs a random key to the Half-Life
console; QLAD reads this key and must provide it when making the secondary connection. QLAD needs no exceptional system
privileges: its sockets are on user ports (in the 9000 range), and it does not need to be run as root (in a *nix
environment).

For console users, different security levels may be set up for each console user. The ability to configure, add, or
delete game servers is by default the highest security level (99); only the server owner should be set at this level.
The security levels can give a user permission to do one or all of the following: create/edit scripts, edit script
options, edit server admins, create/edit console users, create/edit servers, run user commands on the server, and view
the server at all. (QLAD 0.66 does not work this way; this functionality was implemented in 0.67.)

Script functions are limited in their ability to interact with the host operating system. The ability to log a line to
a file on the host OS is limited to the log directory set for that server (again editable only by the highest security
level). It may still be possible to place malicious scripts on the server if a console user has permission to edit
scripts, such as a script that causes an endless loop (though there are some safeguards against this) or uses up
excessive amounts of CPU, RAM, or space on disk or in the database. Some amount of trust should be required before
giving a console user access to edit scripts.
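Three of the controls described above (the localhost-only default with an explicit host allowlist, the random console key that must be presented on the secondary connection, and log writes confined to the server's log directory) are easier to reason about when written out as concrete checks. The following Python is an added example written for this page; it is not QLAD's own code and makes no claim about QLAD's actual protocol, allowlist format, or file layout. The function names, the allowlist format (single addresses or CIDR networks), and the sample paths are constructed for illustration.

```python
import hmac
import ipaddress
import os
import secrets

# Constructed example (not QLAD source): the access controls the page describes,
# written as small checks a daemon's accept path and script runtime could call.


def connection_allowed(peer_ip, allowed_hosts=()):
    """Default-deny admission check: loopback is always accepted; any other
    peer must match an entry in the operator-maintained allowlist.
    Entries may be single addresses or CIDR networks (constructed format)."""
    try:
        addr = ipaddress.ip_address(peer_ip)
    except ValueError:
        return False  # unparsable peer address: refuse rather than guess
    if addr.is_loopback:
        return True
    for entry in allowed_hosts:
        try:
            net = ipaddress.ip_network(entry, strict=False)
        except ValueError:
            continue  # a malformed allowlist entry never widens access
        if addr in net:  # False when address families differ, so no cross-family match
            return True
    return False


def issue_console_key():
    """Random key the game-side plugin would print to its console; only a
    process that can read that console learns it."""
    return secrets.token_hex(16)


def verify_console_key(expected, presented):
    """Constant-time comparison so the key check does not leak through timing."""
    if not isinstance(presented, str):
        return False
    return hmac.compare_digest(expected.encode("utf-8"), presented.encode("utf-8"))


def confined_log_path(log_dir, requested_name):
    """Resolve a script-supplied log file name strictly inside log_dir.
    Returns the absolute path, or None if the request escapes the directory
    (via '..', an absolute path, or a symlink that points outside)."""
    base = os.path.realpath(log_dir)
    target = os.path.realpath(os.path.join(base, requested_name))
    if os.path.commonpath([base, target]) != base:
        return None
    return target


if __name__ == "__main__":
    print(connection_allowed("127.0.0.1"))                      # True: loopback
    print(connection_allowed("192.0.2.10"))                     # False: not allowlisted
    print(connection_allowed("192.0.2.10", ["192.0.2.0/24"]))   # True: allowlisted network
    key = issue_console_key()
    print(verify_console_key(key, key), verify_console_key(key, "guess"))  # True False
    print(confined_log_path("/tmp/qlad-logs", "server1.log"))        # inside the log dir
    print(confined_log_path("/tmp/qlad-logs", "../../etc/passwd"))   # None: escape rejected
```

The allowlist check parses each entry on every call so that a bad entry only loses itself rather than the whole list; a daemon would normally parse the list once at startup and reject the configuration outright on a malformed entry. The path check relies on `realpath` resolving symlinks before the prefix comparison, which is what stops a link planted inside the log directory from redirecting writes elsewhere.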