Path: utzoo!utgpu!jarvis.csri.toronto.edu!mailrus!tut.cis.ohio-state.edu!cs.utexas.edu!swrinde!ucsd!ames!cs!jxxl
From: jxxl@cs.nps.navy.mil (vibo)
Newsgroups: news.admin
Subject: Can a Newsgroup be Restricted...? (FOLLOW-UP)
Message-ID: <352@cs.nps.navy.mil>
Date: 24 Oct 89 18:11:19 GMT
Reply-To: jxxl@cs.nps.navy.mil (vibo)
Organization: Naval Postgraduate School, Monterey CA
Lines: 28

Thanks to all who replied. The problem I presented was in having a
private newsgroup where reading could be restricted to a particular
user group. Following is a summation of the consensus reply.

The steps for restricting access to a newsgroup:

  > The group must be specified in /etc/group
  > Change the group of /usr/spool/news/newsgroupname with chgrp
  > Change the permissions of same to 750 with chmod

This works like a charm on the news server. However, the catch is that
access cannot be restricted by readers who use NNTP to come over the
net. NNTP currently has no facility for identifying the user and the
nntpd runs with root privileges so file restrictions don't apply. NNTP
will allow restrictions by host or by network, but in our case we cannot
generalize about where the users will be. My solution is to follow the
above procedure for restricting the newsgroup on the server and then to
deny any network access to the newsgroup by an appropriate entry in
/usr/lib/news/nntp_access. Users are forced to rlogin to the server to
read the restricted newsgroup. This is not the ideal distributed
solution but seems to be the best we can do with the current software.

Other suggestions which bear on the problem:

Use the "notes" public domain software. Clunky user interface, but does
the trick. I haven't investigated this myself.

Set the FASCIST option in B news to control posting.