In message <9407191552.AA17336@ig1.att.att.com>, Deborah A Hamilton +1
908 949 9459 writes:
>I had the same problem with restrict_post plus an additional
>requirement.
>
>In setting up Majordomo for use at InterNIC Directory and Database
>Services, I had requests to provide the ability to restrict posting
>only to the members of the lists and (optionally) to some additional
>ids as well as having the ability to restrict posting to only a
>FEW ids. The restrict_post feature as implemented in R1.92 only
>allows you to restrict posting to a few ids since you can only specify
>one id per file. I hacked the restrict_post code in resend to
>search the entire file for the id, not just the first record in
>the file.
>
>So now if I have a list to which only list members should post, I
>specify "restrict_post = <listname>:<listname>.restrict" and it
>scans the subscription list for matches on the id. If I need to add
>additional ids, they get listed in the file called <listname>.restrict.
This is what the proposed access list syntax will be. This will be
used for ALL access lists, private*, restrict_post,
advertize/noadvertize etc.
There should be both a simple access mechanism to allow:
all access, no access, members only access, password only access
or access list access.
So there would be two items that dealt with permissions: one item to
select the mode of access, and one table to specify access criteria.
This would replace things like private_which with

    which_access = {all, none, members, passwd <passwd>}

This sets the default action if the acl is empty:

    all     => ALL allow
               (formerly private_which = no)
    none    => ALL deny
               (no former mechanism)
    members => MEMBERS allow
               (formerly private_which = yes)
    passwd  => use approve command with <passwd>
               (no former mechanism)

Then there would be a corresponding which_acl that is looked at before
the above defaults are used.
I needed a scheme that was as flexible as the two keyword scheme used
for advertize/noadvertize. One I like is reminiscent of the tcpd
wrappers configuration setup. Each line consists of an:

    expression action

pair, where the expressions are:

    /^rouilj/       - perl regular expression
                      The regexp is enclosed in /'s. It supports a subset
                      of the perl regular expressions. Only the following
                      characters are allowed:
                        any alphanumeric and the underscore (\w class)
                        the characters .|\?<>$*^+/@:;[]
                        the characters ( and ) and ' are allowed, but they
                        are always escaped if they weren't in the original
                        regexp, so they lose their original meaning.
    *cs.umb.edu     - regular text
                      Straight text with no embedded whitespace is the
                      same as the perl regexp /text/ except that the *
                      character is replaced with ".*".
    ALL             - matches anything; it is a simple form of * or /.*/.
    MEMBER          - the address matches if it is a member of the mailing
                      list. If mungedomain is set for the list, then
                      mungedomain is used when matching addresses.
    FILE=<filespec> - the address matches if it is found in the file
                      <filespec>. If filespec is not an absolute path,
                      it is considered to be in the majordomo mailing
                      list directory. If mungedomain is set for the
                      list, then mungedomain is in effect during the
                      search. FILE=<listname> is equivalent to MEMBER.

and action is:

    allow - the match causes access to be allowed
    deny  - the match causes access to be denied
The rules would be applied one after the other; the first match would
end the search. I think this is as flexible as the current two entry
advertize/noadvertize setup, and it puts it in one table which can be
easily scanned. I think some examples are in order. The pair:

    advertize = /cs.umb.edu/
    noadvertize =

would result in the acl:

    advertize_acl << END
    cs.umb.edu allow
    ALL deny
    END

while

    advertize = /.*cs.umb.edu/
    noadvertize = /@cs.umb.edu/

would be:

    advertize_acl << END
    @cs.umb.edu deny
    *cs.umb.edu allow
    ALL deny
    END
The access_* item only sets the defaults, so it is possible to do
something like:

    access_which = passwd fooble
    which_acl << END
    /^rouilj@cs.umb.edu$/ allow
    /^rouilj@.*.mit.edu$/ deny
    END

which means I can send a which command from cs.umb.edu and have it
work, but I will never get the which command to work from mit.
Everybody else has to use an "approve fooble which" command.
Alternatively,

    access_which = all
    which_acl << END
    /^rouilj@.*cs.umb.edu$/ deny
    END

will prevent me from having access to the which command from cs.umb.edu.
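To make the table semantics concrete, here is an added evaluator for the expression/action syntax above and for the access_* default modes, written by the editor in Python; it is not Majordomo code (Majordomo itself is Perl) and it is not the proposal's implementation. It enforces the regexp character subset and the forced escaping of ( ) and ' before a pattern is compiled, which is the part that keeps a list owner's config from smuggling arbitrary regexp syntax into the matcher. Assumptions: addresses are compared case-insensitively, a FILE= file holds one address per line, plain-text expressions are subject to the same character subset as /regexp/ ones, the "passwd" mode checks a password supplied with an approve command, and mungedomain handling is left out because the post does not define it. The function names, the read_file hook and the sample addresses are constructed for this example.

```python
import hmac
import os
import re
import string
from typing import Callable, List, Optional, Set, Tuple

# Character subset the proposal permits inside a /regexp/:
# \w (ASCII alphanumerics and underscore) plus these punctuation characters.
WORD_CHARS = set(string.ascii_letters + string.digits + "_")
ALLOWED_PUNCT = set(".|\\?<>$*^+/@:;[]")
# Permitted, but always backslash-escaped so they lose their regexp meaning.
FORCE_ESCAPED = set("()'")


def sanitize_regexp(body: str) -> str:
    """Enforce the proposal's regexp subset on a pattern taken from list config.

    Anything outside the allow-list is refused before compilation, and an
    unescaped ( ) or ' is escaped so it can only ever match itself.
    """
    for ch in body:
        if ch not in WORD_CHARS and ch not in ALLOWED_PUNCT and ch not in FORCE_ESCAPED:
            raise ValueError(f"character {ch!r} is not allowed in an access-list regexp")
    return re.sub(r"(?<!\\)([()'])", r"\\\1", body)


def _read_lines(path: str) -> List[str]:
    # Default FILE= loader.  Assumption: one address per line.
    with open(path, encoding="utf-8") as fh:
        return fh.read().splitlines()


def compile_expression(expr: str, members: Set[str], list_dir: str = ".",
                       read_file: Callable[[str], List[str]] = _read_lines
                       ) -> Callable[[str], bool]:
    """Turn one expression from the table into a predicate over an address."""
    if expr == "ALL":
        return lambda addr: True
    if expr == "MEMBER":
        return lambda addr: addr.lower() in members
    if expr.startswith("FILE="):
        spec = expr[len("FILE="):]
        # Relative filespecs live in the list directory, as the proposal says.
        path = spec if os.path.isabs(spec) else os.path.join(list_dir, spec)
        listed = {line.strip().lower() for line in read_file(path) if line.strip()}
        return lambda addr: addr.lower() in listed
    if len(expr) >= 2 and expr.startswith("/") and expr.endswith("/"):
        body = expr[1:-1]
    else:
        # Plain text: same as /text/ with * standing for ".*".  Assumption:
        # the same character subset is enforced, since it is defined as a regexp.
        body = expr.replace("*", ".*")
    try:
        pattern = re.compile(sanitize_regexp(body))
    except re.error as exc:
        raise ValueError(f"bad access-list regexp {expr!r}: {exc}") from exc
    return lambda addr: pattern.search(addr) is not None


def parse_acl(body: str) -> List[Tuple[str, str]]:
    """Parse the lines between '<< END' and 'END' into (expression, action) pairs."""
    rules = []
    for raw in body.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split()
        if len(fields) != 2 or fields[1] not in ("allow", "deny"):
            raise ValueError(f"expected 'expression allow|deny', got {raw!r}")
        rules.append((fields[0], fields[1]))
    return rules


def check_access(address: str, mode: str, acl_body: str, members: Set[str],
                 password: Optional[str] = None, list_dir: str = ".",
                 read_file: Callable[[str], List[str]] = _read_lines) -> bool:
    """First matching ACL rule decides; otherwise the access mode is the default."""
    members = {m.lower() for m in members}
    for expr, action in parse_acl(acl_body):
        if compile_expression(expr, members, list_dir, read_file)(address):
            return action == "allow"
    kind, _, secret = mode.partition(" ")
    if kind == "all":
        return True
    if kind == "none":
        return False
    if kind == "members":
        return address.lower() in members
    if kind == "passwd":
        # Assumption: the password arrives via "approve <passwd> which ...".
        return bool(secret) and password is not None and hmac.compare_digest(
            password.encode(), secret.encode())
    raise ValueError(f"unknown access mode {mode!r}")


if __name__ == "__main__":
    # The which_acl example from the post, run against constructed addresses.
    which_acl = "/^rouilj@cs.umb.edu$/ allow\n/^rouilj@.*.mit.edu$/ deny\n"
    for addr, pw in [("rouilj@cs.umb.edu", None), ("rouilj@lcs.mit.edu", "fooble"),
                     ("someone@example.org", None), ("someone@example.org", "fooble")]:
        print(addr, pw, "->", check_access(addr, "passwd fooble", which_acl, set(), pw))
```

The ordering matters in the same way it does for tcpd: with the advertize example, "@cs.umb.edu deny" must come before "*cs.umb.edu allow", because the first rule that matches ends the search and the plain-text rule would otherwise swallow the exact-domain case. The character check is deliberately an allow-list rather than a list of dangerous characters, so a pattern that uses anything the proposal did not name is rejected as a whole.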
Quips, comments, evasions, questions, or answers anybody?
Does anybody want to write this code 8-).
-- John
John Rouillard
Senior Systems Consultant (SERL Project) University of Massachusetts at Boston
rouilj@cs.umb.edu (preferred) Boston, MA, (617) 287-6480
==============================================================================
My employers don't acknowledge my existence much less my opinions.