Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision
Previous revision
access:index [2011/11/12 00:07] – created digitalmanaccess:index [2022/02/19 10:51] (current) – [Guest] Figured out the current logon requirements for asking about guest creation. Andre
Line 1: Line 1:
 ====== Access Control ====== ====== Access Control ======
  
-{{indexmenu>.}}+Synchronet Access Control 
 + 
 +===== Introduction ===== 
 + 
 +This topic covers a wide range of methods and instructions on how a Synchronet sysop can enable or restrict access to their BBS. 
 + 
 +===== Host Filtering ===== 
 + 
 +Specific TCP/IP hosts (computers) or ranges of hosts can be restricted from accessing your Synchronet servers through the use of various [[config:filter files]]. Filter files may also be used to restrict specific words from being used in user-generated content (message subjects, user names, aliases, etc.). 
 + 
 +===== Restricting New User Creation ===== 
 + 
 +The sysop can disallow remote users from creating new user accounts by setting [[util:SCFG]]->System->Toggle Options->Closed To New Users to "Yes"
 + 
 +The sysop can restrict users from creating new user accounts to only those that know a semi-secret New User Password (NUP), by setting [[util:SCFG]]->System->New User Password. 
 + 
 +===== Access Controls ===== 
 + 
 +Synchronet user accounts each have the following security/access control settings which the sysop may use to enable or restrict the user's access to specific features of functions of the BBS: 
 + 
 +  * [[Level]]: a value (a.k.a. security level) between 0 and 99, with level 90-99 being reserved for operators of the system (sysops/co-sysops) 
 +  * [[Flags]]: 4 sets of 26 sysop-defineable toggle flags (A-Z) which allow for customized access control 
 +  * [[Exemptions]]: 26 flags (A-Z) which have pre-defined functions to exempt the user from specific limitations 
 +  * [[Restrictions]]: 26 flags (A-Z) which have pre-defined functions to restrict the user from using specific features/functions 
 +  * [[Expiration]]: a date a which time the user account will be automatically deleted (regardless of inactivity) 
 +  * [[Credits]]: a balance of credit which the user can deposit into (e.g. by uploading files) or withdraw from (e.g. by downloading files) 
 +  * [[Minutes]]: a balance of time which the user can use to go beyond their normally limited time per/call or per/day (a.k.a. time bank) 
 + 
 +===== New User Values ===== 
 + 
 +The sysop determines which access control values will be assigned to newly created user accounts in [[util:SCFG]]->System->New User Values: 
 + 
 +<file> 
 +╔══════════════════════════════════════════════════════════╗ 
 +║                      New User Values                     ║ 
 +╠══════════════════════════════════════════════════════════╣ 
 +║ │Level                      50                           ║ 
 +║ │Flag Set #1                                             ║ 
 +║ │Flag Set #2                                             ║ 
 +║ │Flag Set #3                                             ║ 
 +║ │Flag Set #4                                             ║ 
 +║ │Exemptions                                              ║ 
 +║ │Restrictions                                            ║ 
 +║ │Expiration Days            0                            ║ 
 +║ │Credits                    10,485,760                   ║ 
 +║ │Minutes                    0                            ║ 
 +║ │Editor                     FSEDITOR                     ║ 
 +║ │Command Shell              DEFAULT                      ║ 
 +║ │Download Protocol          None                         ║ 
 +║ │Default Toggles...                                      ║ 
 +║ │Question Toggles...                                     ║ 
 +╚══════════════════════════════════════════════════════════╝ 
 +</file> 
 + 
 +In the above example, newly created user accounts will have: 
 + 
 +  * [[Level]] 50 (never set above 89) 
 +  * No [[flags]] set in any of the sysop-defined flag sets (1-4) 
 +  * No [[exemptions]] 
 +  * No [[restrictions]] 
 +  * Will not [[expiration|expire]] 
 +  * Will have a [[credits]] balance of 10MB 
 +  * Will have 0 [[minutes]] in their time bank 
 + 
 +===== Access Requirements ===== 
 + 
 +The sysop can specify combinations of access controls (e.g. security level, flags) and user values (e.g. gender, age, etc.) in [[util:SCFG]] (mostly under the options named "Access Requirements") to control access to specific areas or functions of the BBS and restrict to specific groups of users. 
 + 
 +See [[requirements|Access Requirements]] for more details. 
 + 
 +===== Creating and Editing User Accounts ===== 
 + 
 +There are multiple methods available for creating and editing user accounts: 
 +  * By calling or connecting to the BBS and selecting "New" at the Login prompt 
 +  * [[module:makeuser]] module (user creation only) 
 +  * [[module:makeguest]] module (Guest account creation only) 
 +  * [[util:uedit]] TUI user editor 
 +  * [[util:useredit]] GUI user editor 
 +    * User->Editor menu option from the [[monitor:sbbsctrl|Synchronet Control panel for Windows]] 
 +  * [[util:gtkuseredit]] GUI user editor (*nix) 
 +  * "UEDIT" sysop command, available while logged-in to the [[server:Terminal]] server as an operator of the system (sysop) 
 +      * e.g. '';uedit'' command from the main menu of the default command shell 
 + 
 +==== Sysop ==== 
 + 
 +The first user account created when connected to the [[server:Terminal]] server will automatically be given Sysop-level access (i.e., Security level 90, all flags and all exemptions). 
 + 
 +For this reason, the System Password is prompted for (with the SY: prompt) 
 +during the first new user creation process. 
 + 
 +The sysop account is traditionally the first user record in the database 
 +(i.e., user #1). This user account should not have the alias of "Sysop" - use your 
 +real name or a handle instead. Synchronet automatically treats the alias of 
 +Sysop specially and forwards any mail received for "Sysop" to user #1. 
 + 
 +==== Guest ==== 
 + 
 +Some sysops will want to have a ''Guest'' user account on their BBS. Guest accounts can be used to allow: 
 + 
 +  * Inspection of basic BBS content without creating a user account 
 +  * Anonymous FTP access 
 + 
 +=== Guest Account Creation === 
 + 
 +When a sysop with [[access:level|Security Level]] 99 logs into the [[server:Terminal]] server, they will be asked to create a Guest account if the following conditions are met: 
 + 
 +  * Sysop's [[access:level|Security Level]] is 99 
 +  * ''Guest'' user does not already exist 
 +  * Sysop has not already been asked and said ''No'' and to not be asked again 
 + 
 +If the sysop answers ''Yes'', the [[:module:makeguest]] [[:custom:JavaScript]] module will be executed to create the ''Guest'' account with the recommended access controls: 
 + 
 +  * [[Restrictions]]: ''G, K, P, M, W, R, C'' 
 +  * [[Exemptions]]: ''G, L, P, T'' 
 + 
 +If you answered ''No'' to both the "create Guest?" and "Ask again later?" prompts, you will need to run the makeguest.js module manually if you wish to create a ''Guest'' account.
  
 ===== See Also ===== ===== See Also =====
 +  * [[:access:requirements|Access Requirements (ARS)]]
   * [[:config:|Configuration]]   * [[:config:|Configuration]]
 +  * [[:howto:Block-Hackers|How To: Block Hackers]]
  
-{{tag>access}}+{{tag>access guest}}
  
access/index.1321085222.txt · Last modified: 2011/11/12 00:07 by digitalman
Back to top
CC Attribution 4.0 International
Driven by DokuWiki Recent changes RSS feed Valid CSS Valid XHTML 1.0