If a Q restricted user logs into the bbs via telnet, SSH, etc., they are only shown the QWK menu and if they choose to "quit back to the BBS," the system immediately logs them off. The Q-restricted account cannot access any message areas, or anything else on the system.
If a Q restricted user logs onto the web interface (both the older "runes" or the newer ecweb), they are able to access message areas and even post using their QWK ID.
I would call this a "bug" since it is allowing the web interface to act in a different (and unintended) manner from the terminal interface, but I am also guessing there is some way that I can add something to an existing INI file to prevent this behavior?
If a Q restricted user logs into the bbs via telnet, SSH, etc., they are only shown the QWK menu and if they choose to "quit back to the BBS," the system immediately logs them off. The Q-restricted account cannot access any message areas, or anything else on the system.
A Q-restricted account actually can perform a "normal" login by prepending a '*' to their login-id.
You can set SCFG->Servers->Web Server->Login Requirements (in v3.20a) toREST
NOT Q" and then Q-restricted users won't be able to authenticate with the web server. There's probably other ways to limit access to (e.g. webctrl.iniiles
and maybe something ecWeb-specific), but that's a true brute-force way.
If a Q restricted user logs into the bbs via telnet, SSH, etc., they are only shown the QWK menu and if they choose to "quit back to the BBS," the system immediately logs them off. The Q-restricted account cannot access any message areas, or anything else on the system.
If a Q restricted user logs onto the web interface (both the older
"runes"
or the newer ecweb), they are able to access message areas and even post using their QWK ID.
Should they be able to post, though? In the test I tried, it used the QWK accounts handle, which is <name> Bbs. I know they need to be able to post when uploading REP packets, and probably message the sysop, but should they be able to post to public message areas when logged on via the terminal?
You can set SCFG->Servers->Web Server->Login Requirements (in v3.20a) toREST
NOT Q" and then Q-restricted users won't be able to authenticate with the web server. There's probably other ways to limit access to (e.g. webctrl.iniiles
If a Q restricted user logs into the bbs via telnet, SSH, etc., they are only shown the QWK menu and if they choose to "quit back to the BBS," the system immediately logs them off. The Q-restricted account cannot access any message areas, or anything else on the system.
A Q-restricted account actually can perform a "normal" login by prepending a '*' to their login-id.
Should they be able to post, though? In the test I tried, it used the QWK accounts handle, which is <name> Bbs.
I know they need to be able to post
when uploading REP packets, and probably message the sysop, but should they be able to post to public message areas when logged on via the terminal?
they also are setup in a messy fashion. you take all the various msg netubs
and combine them.
they also are setup in a messy fashion. you take all the various msg netubs
and combine them.
Aside from sysops, when users go looking for a message area to ask a question in, do you think they do it by topic or by network?
part of so long as it has traffic and isn't full of assholes.
Sysop: | Lmorchard |
---|---|
Location: | Portland, OR |
Users: | 63 |
Nodes: | 16 (0 / 16) |
Uptime: | 241:12:54 |
Calls: | 394 |
Files: | 1 |
Messages: | 24,804 |