Path: utzoo!attcan!uunet!samsung!sdd.hp.com!ucsd!ucbvax!TRANSARC.COM!Craig_Everhart From: Craig_Everhart@TRANSARC.COM Newsgroups: comp.soft-sys.andrew Subject: Re: How to Create an AMS Bboard System Message-ID: Date: 5 Jul 90 15:15:11 GMT References: <9007051302.AA23967@mdl.bull.fr> Sender: daemon@ucbvax.BERKELEY.EDU Organization: The Internet Lines: 28 (aside first: yes, andrew.cmu.edu has ~10^4 users, not ~10^5. Apologies.) AFS uses Kerberos authentication. (AFS is now a registered trademark of Transarc Corp., US 412-338-4467) As Nathaniel says, you can build an AMS bboard system out of any Unix-like file system. Bboards are simply directories and files in the file system, and can thus be made as public or as private as the underlying file system permits. There are many possible classes of permissions: the popular ``public'' one requires that everybody have read access to the directory (and its files), but only that the posting daemon, presumably running as a dedicated account, have write/update access to those directories and files. For a bboard that's private to a group, if you can give read access to only the members of that group (and to the posting daemon), you've got it made, to the extent that you trust your file system's access control. In short, AMS doesn't provide for any security above that provided by the underlying storage system. To Nathaniel's point about the ``AMS BUG'': I submitted a patch that should fix it on 16 April (1990); I don't know when the next patch will emerge. We've been running with the locally-patched software, but we don't have Nathaniel's problem since we're using AMDS. (The problem was a problem only for non-AMDS sites.) In any event, the fix simply doesn't discard the route-phrase if there was one. Craig