platt@ndla.UUCP (Daniel E. Platt) (02/02/90)
In article <SCOTT.90Jan29123807@oswald.cs.odu.edu>, scott@cs.odu.edu (Scott Yelich) writes: > >In article <471@msdrl.UUCP>, elliston@msdrl.UUCP (Keith Elliston) writes: > >>Does anyone have a decent BBS that i can run on my Unix PC? ... I'd probably write my own interface that would do things like display certain directories, perhaps be menu driven with screen management handled by curses. File transfers can be handled by invoking kermit. A simple message center can be created as well. The advantages of this is that you can allow ONLY what you want to happen via such a shell, and get to system functions by using 'system()'. You can set up a login entry in /etc/passwd so that the invoked shell is the bbs shell (call it 'bbs_shell') by entering: bbs_guest:<password>:uid:gid:BBS Login Account:/u/bbs:/bin/bbs_shell so that people would get 'bbs_shell' right when they logged in. You'd probably not require a <password> at this level, and instead make bbs_shell handle it. This would have the advantage of being OPEN. Anybody could dial in; each person could create their own account; and you could manage various different levels of security/privilage. > I plan to simply install news and my 2400bps modem to port 0 and then just > allow poeple to use unix. Unix as well as usetnet access seem to be enough > to grab people attentions... The news reader programs keep a .newsrc file to keep track of what each account has read. Unless you intend to have a different account for each of your BBS readers, you don't want this. I guess I'd prefer to just use a 'guest' account. On the other hand, you could impose a 'restricted shell' in /etc/passwd (one comes with the system). Then you could provide a certain subset of commands for people to do (kermit, cp, rn, mailx, etc). This isn't as flexible as the above; and you'ld need to create accounts for EVERYBODY. > > The only thing I am worried about is the security... I do not know a lot > about 3b1 security... but it doesn't look like it is a very secure machine > from a quick glance! > As far as security; if you hook up a modem at all, you should have secured all the accounts on your system (put on passwords, made sure that your group and user permissions are set up correctly, etc). Hope these ideas help out... Dan Platt