Xref: utzoo news.software.b:6376 news.software.nntp:974 alt.sys.sun:2318 Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!samsung!sdd.hp.com!wuarchive!udel!rochester!kodak!ispd-newsserver!dcox From: dcox@ssd.kodak.com (Don Cox (253-7121)) Newsgroups: news.software.b,news.software.nntp,alt.sys.sun Subject: nntp question Message-ID: <1990Dec12.223017.24545@ssd.kodak.com> Date: 12 Dec 90 22:30:17 GMT Sender: news@ssd.kodak.com Distribution: na Organization: Eastman Kodak Lines: 45 Originator: dcox@coop System: Sun4/260, SunOS4.0.3 Cnews with nntp I have installed Cnews with nntp on our news-server. I have in the nntp_access file the following: default xmit no This tells me that unless a machine is defined in the nntp_access file, they can only transfer files and can not post. This is true ONLY IF the machine is in the /etc/hosts file on the YP master. For example, my machine, tweety, is in the /etc/hosts of the YP master, and another machine, granny, is not. Neither machine is in the nntp_access file. When I execute the following command from tweety: telnet news-server 119 I am told that posting on the nntp port IS NOT permitted. When I try the same command from granny (NOT in the /etc/hosts file): telnet news-server 119 I am told that posting IS permitted. Why didn't the default of no posting tell granny the same as it did tweety? If I put granny into the /etc/hosts file, then it is restricted from posting also. We have limited machinenames in our /etc/hosts file on the YP (NIS) master; we are trying to have our nameserver resolve the IP addresses and machine- names. Is this a problem with the nameserver on Sun? Or a problem with nntp? Or what? I definately don't want every machine in the world able to post from my news-server, (or read from it either) and I sure can't put every machine in the world in my /etc/hosts file. One of my colleagues seems to remember hearing about a bug in the way the nameserver resolves addresses in SunOS4.0.3, but I couldn't verify this. I don't even know if this could be causing the problem if such a bug did exist. Sorry for another posting similar to one I posted yesterday, but I never got a reply, and I consider this some-what of a serious security problem. Thanks very much. -- Don Cox Phone (716) 253-7121 KMX (716) 253-7998 INTERNET dcox@ssd.kodak.com When an eel bites your leg, and the pain makes you beg, that's a moray!