Path: utzoo!utgpu!news-server.csri.toronto.edu!rpi!zaphod.mps.ohio-state.edu!wuarchive!uunet!munnari.oz.au!cs.mu.OZ.AU!kre From: kre@cs.mu.oz.au (Robert Elz) Newsgroups: news.software.b Subject: Re: "fascist" option (or posting security) Message-ID: Date: 2 May 91 07:00:48 GMT References: <1991Apr26.070028.705000@zeus.calpoly.edu> <17196@celit.fps.com> <1991May1.124919.8706@ohm.york.ac.uk> <1991May1.211353.346@zoo.toronto.edu> Sender: news@cs.mu.oz.au Lines: 23 henry@zoo.toronto.edu (Henry Spencer) writes: >However, you need to be careful to guard against >several other back doors. For what most people seem to want FASCIST for (never used it myself) I doubt that that matters - anyone able to get around it, and actually willing to go to the trouble, probably isn't who you really want to stop (stopping the real bastards is better done with vipw (or similar)). Rather, the idea is to deflect the noise from the newcomers, who accidentally type 'f', then various combinations of 'ZZ' ':wq' ... in an attempt to escape from what they've done, and then post the result. Its not easy to detect this automatically (by looking at the contents of the article), but if you're able to simply prevent postings from anyone who hasn't convinced you that they know how to use an editor, etc, then you'll be a long way towards keeping you local part of uesnet clean. Anyone able to "cat file | uux - utzoo!rnews" obviously knows what they're doing enough to be able to post news (and clearly isn't just making an innocent typo). kre