Path: utzoo!attcan!uunet!snorkelwacker!usc!ucsd!ucbvax!cs.glasgow.ac.uk!inei From: inei@cs.glasgow.ac.uk (Nick Nei) Newsgroups: comp.protocols.appletalk Subject: Re: Secure NetNews HyperCard Stack. Message-ID: <12043.9005251423@crete.cs.glasgow.ac.uk> Date: 25 May 90 14:23:09 GMT Sender: daemon@ucbvax.BERKELEY.EDU Organization: The Internet Lines: 32 In article <3012.9005241522@crete.cs.glasgow.ac.uk> inei@cs.glasgow.ac.uk (Nick Nei) writes: > our Computing Science Department. It worries me that any person > can post news. While I can trust members of staff, I cannot trust > students not to abuse this privilege. Chris 'Face' Janton replies: >>At least at our site... The ability to post news can be controlled on a >>per system basis, meaning that unless the nntp server allows my Mac to >>post I can't do a news post. I can send mail, with responses going into >>the bitbucket if I don't have an account on the sending system. >> >>Simply put you should be able to prohibit posting on a system by system >>basis. Only allow those systems that you want to post news. >> >>Am I confused? This is not satisfactory when you have over 300 Macintoshes and there is nothing to stop a bozo coming up with an IP number that is not in your prohibition list! Besides, I DO want to allow people to postnews - just not allow them to post anonymously (so that they can get away with posting offensive stuff and giving the Dept/University a BAD name!). A satisfactory solution: NetNews stack must ask for user-name and password before posting news. Modify nntpd so that it will validate these against /etc/passwd (or equivalent) before calling inews (or whatever). I was wondering if someone has already done this. Mail: Nick Nei, Computing Science Dept., Glasgow Univ., 17 Lilybank Gardens, Glasgow G12 8QQ, UK. Tel: (041) 339 8855 x 5457 ARPA: inei%cs.glasgow.ac.uk@nsfnet-relay.ac.uk USENET: inei@cs.glasgow.uucp