Path: utzoo!utgpu!jarvis.csri.toronto.edu!mailrus!tut.cis.ohio-state.edu!cs.utexas.edu!uunet!mcvax!hp4nl!mhres!jv From: jv@mh.nl (Johan Vromans) Newsgroups: news.software.nntp Subject: Re: NNTP authentication Message-ID: Date: 2 May 89 20:33:45 GMT References: <13084@paris.ics.uci.edu> Sender: jv@mhres.mh.nl Organization: Multihouse Gouda, the Netherlands Lines: 40 In-reply-to: nagel@beaver.ics.uci.edu's message of 1 May 89 22:48:27 GMT In article <13084@paris.ics.uci.edu> nagel@beaver.ics.uci.edu (Mark Nagel) writes: > This has been brought up before, but some people here have recently > re-asked the question, "Why can't we make certain groups readable only > be certain people?" again. [Etc...] Having to deal with the same problem, I have hacked nntp 1.5 with the following extensions: - the client sends a "HELO " command upon connection, and uses the result instead of the initial "Ready" message if it's 250 or 251. - the server accepts such a "HELO " command, and can use it to delimit access. Posting access is denied by sending "251" instead of "250" (if I remember well). - the newsgroup name matching algorith has been made more restrictive, such that "group-x" means "group-x" only. Extensions could be made to add full 'rnews'-style newsgroups-lists. Of course, this method depends on the co-operation of the client. Any user who can write his own nntp-access routines can bypass the user-based authorization (not the hostname-based authorization). Currently, if no "HELO" command is sent, default access for the host is allowed. Writing the hostname/username in the nntp logfile gives usefull information about the users who are reading news using nntp. Of course this is a hack. It works for me, but it is not fool-proof not completed. If anyone wants to take these modifications as a start, I'll be glad to send them. Johan -- Johan Vromans jv@mh.nl via european backbone (mcvax) Multihouse Automatisering bv uucp: ..!{mcvax,hp4nl}!mh.nl!jv Doesburgweg 7 phone: +31 1820 62944 2803 PL Gouda - The Netherlands fax: +31 1820 62500