Synchronet v3.19b-Win32 (install) has been released (Jan-2022).

You can donate to the Synchronet project using PayPal.

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision		Previous revision
access:index [2011/11/12 00:07] – created digitalmanaccess:index [2022/02/19 10:51] (current) – [Guest] Figured out the current logon requirements for asking about guest creation. Andre
Line 1: Line 1:
 ====== Access Control ====== ====== Access Control ======
  
-{{indexmenu>.}}+Synchronet Access Control 
 + 
 +===== Introduction ===== 
 + 
 +This topic covers a wide range of methods and instructions on how a Synchronet sysop can enable or restrict access to their BBS. 
 + 
 +===== Host Filtering ===== 
 + 
 +Specific TCP/IP hosts (computers) or ranges of hosts can be restricted from accessing your Synchronet servers through the use of various [[config:filter files]]. Filter files may also be used to restrict specific words from being used in user-generated content (message subjects, user names, aliases, etc.). 
 + 
 +===== Restricting New User Creation ===== 
 + 
 +The sysop can disallow remote users from creating new user accounts by setting [[util:SCFG]]->System->Toggle Options->Closed To New Users to "Yes"
 + 
 +The sysop can restrict users from creating new user accounts to only those that know a semi-secret New User Password (NUP), by setting [[util:SCFG]]->System->New User Password. 
 + 
 +===== Access Controls ===== 
 + 
 +Synchronet user accounts each have the following security/access control settings which the sysop may use to enable or restrict the user's access to specific features of functions of the BBS: 
 + 
 +  * [[Level]]: a value (a.k.a. security level) between 0 and 99, with level 90-99 being reserved for operators of the system (sysops/co-sysops) 
 +  * [[Flags]]: 4 sets of 26 sysop-defineable toggle flags (A-Z) which allow for customized access control 
 +  * [[Exemptions]]: 26 flags (A-Z) which have pre-defined functions to exempt the user from specific limitations 
 +  * [[Restrictions]]: 26 flags (A-Z) which have pre-defined functions to restrict the user from using specific features/functions 
 +  * [[Expiration]]: a date a which time the user account will be automatically deleted (regardless of inactivity) 
 +  * [[Credits]]: a balance of credit which the user can deposit into (e.g. by uploading files) or withdraw from (e.g. by downloading files) 
 +  * [[Minutes]]: a balance of time which the user can use to go beyond their normally limited time per/call or per/day (a.k.a. time bank) 
 + 
 +===== New User Values ===== 
 + 
 +The sysop determines which access control values will be assigned to newly created user accounts in [[util:SCFG]]->System->New User Values: 
 + 
 +<file> 
 +╔══════════════════════════════════════════════════════════╗ 
 +║                      New User Values                     ║ 
 +╠══════════════════════════════════════════════════════════╣ 
 +║ │Level                      50                           ║ 
 +║ │Flag Set #1                                             ║ 
 +║ │Flag Set #2                                             ║ 
 +║ │Flag Set #3                                             ║ 
 +║ │Flag Set #4                                             ║ 
 +║ │Exemptions                                              ║ 
 +║ │Restrictions                                            ║ 
 +║ │Expiration Days            0                            ║ 
 +║ │Credits                    10,485,760                   ║ 
 +║ │Minutes                    0                            ║ 
 +║ │Editor                     FSEDITOR                     ║ 
 +║ │Command Shell              DEFAULT                      ║ 
 +║ │Download Protocol          None                         ║ 
 +║ │Default Toggles...                                      ║ 
 +║ │Question Toggles...                                     ║ 
 +╚══════════════════════════════════════════════════════════╝ 
 +</file> 
 + 
 +In the above example, newly created user accounts will have: 
 + 
 +  * [[Level]] 50 (never set above 89) 
 +  * No [[flags]] set in any of the sysop-defined flag sets (1-4) 
 +  * No [[exemptions]] 
 +  * No [[restrictions]] 
 +  * Will not [[expiration|expire]] 
 +  * Will have a [[credits]] balance of 10MB 
 +  * Will have 0 [[minutes]] in their time bank 
 + 
 +===== Access Requirements ===== 
 + 
 +The sysop can specify combinations of access controls (e.g. security level, flags) and user values (e.g. gender, age, etc.) in [[util:SCFG]] (mostly under the options named "Access Requirements") to control access to specific areas or functions of the BBS and restrict to specific groups of users. 
 + 
 +See [[requirements|Access Requirements]] for more details. 
 + 
 +===== Creating and Editing User Accounts ===== 
 + 
 +There are multiple methods available for creating and editing user accounts: 
 +  * By calling or connecting to the BBS and selecting "New" at the Login prompt 
 +  * [[module:makeuser]] module (user creation only) 
 +  * [[module:makeguest]] module (Guest account creation only) 
 +  * [[util:uedit]] TUI user editor 
 +  * [[util:useredit]] GUI user editor 
 +    * User->Editor menu option from the [[monitor:sbbsctrl|Synchronet Control panel for Windows]] 
 +  * [[util:gtkuseredit]] GUI user editor (*nix) 
 +  * "UEDIT" sysop command, available while logged-in to the [[server:Terminal]] server as an operator of the system (sysop) 
 +      * e.g. '';uedit'' command from the main menu of the default command shell 
 + 
 +==== Sysop ==== 
 + 
 +The first user account created when connected to the [[server:Terminal]] server will automatically be given Sysop-level access (i.e., Security level 90, all flags and all exemptions). 
 + 
 +For this reason, the System Password is prompted for (with the SY: prompt) 
 +during the first new user creation process. 
 + 
 +The sysop account is traditionally the first user record in the database 
 +(i.e., user #1). This user account should not have the alias of "Sysop" - use your 
 +real name or a handle instead. Synchronet automatically treats the alias of 
 +Sysop specially and forwards any mail received for "Sysop" to user #1. 
 + 
 +==== Guest ==== 
 + 
 +Some sysops will want to have a ''Guest'' user account on their BBS. Guest accounts can be used to allow: 
 + 
 +  * Inspection of basic BBS content without creating a user account 
 +  * Anonymous FTP access 
 + 
 +=== Guest Account Creation === 
 + 
 +When a sysop with [[access:level|Security Level]] 99 logs into the [[server:Terminal]] server, they will be asked to create a Guest account if the following conditions are met: 
 + 
 +  * Sysop's [[access:level|Security Level]] is 99 
 +  * ''Guest'' user does not already exist 
 +  * Sysop has not already been asked and said ''No'' and to not be asked again 
 + 
 +If the sysop answers ''Yes'', the [[:module:makeguest]] [[:custom:JavaScript]] module will be executed to create the ''Guest'' account with the recommended access controls: 
 + 
 +  * [[Restrictions]]: ''G, K, P, M, W, R, C'' 
 +  * [[Exemptions]]: ''G, L, P, T'' 
 + 
 +If you answered ''No'' to both the "create Guest?" and "Ask again later?" prompts, you will need to run the makeguest.js module manually if you wish to create a ''Guest'' account.
  
 ===== See Also ===== ===== See Also =====
 +  * [[:access:requirements|Access Requirements (ARS)]]
   * [[:config:|Configuration]]   * [[:config:|Configuration]]
 +  * [[:howto:Block-Hackers|How To: Block Hackers]]
  
-{{tag>access}}+{{tag>access guest}}
  

Trace: