[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: lynx-dev -anonymous broken in 2.8.4?

From: Bela Lubkin
Subject: Re: lynx-dev -anonymous broken in 2.8.4?
Date: Fri, 6 Sep 2002 16:30:35 -0700

> > > ANONYMOUS_RESTRICTIONS="file_url,download,lynxcfg_info"
> Yes. That would make more sense and probably more widely useful.

Wait a sec... is the idea to restrict all users of Lynx or only when
Lynx is run with "-anonymous"?

Perhaps two different options are wanted here.

Do people who run anonymous Lynx services build customized Lynx binaries
for them, or do they share a single binary between the service and their
own private (unrestricted) use?

I would expect the answer to be: "it varies, everyone does it

To me, an "ANONYMOUS_RESTRICTIONS" setting would imply control over what
gets restricted when you run `lynx -anonymous`.  A "LYNX_RESTRICTIONS"
setting would restrict _all_ runs of Lynx.

In both cases, it would be good to have them as runtime-configurable
options (e.g. in lynx.cfg), not purely compile-time.  I _do_ understand
that some admins may choose to build a separate Lynx binary to be used
_only_ for their anon Lynx service, in which case they would be wise to
compile dangerous options right out of the program.  But neither of the
proposed settings sounds like it would do _that_.

Ideally we would have:

  - ability to compile "-restrictions"-controllable functions right out
    of the program (configure/compile options), to reduce the chance
    that a tricky user might figure out how to get around runtime
    restrictions.  This currently exists in ad-hoc fashion for many, but
    I think not all, of the restrictable functions.

  - ability to restrict some options from all users ("LYNX_RESTRICTIONS"
    setting in lynx.cfg -- note, requires compile-time ability to
    specify a lynx.cfg file which _must always_ be applied, and which,
    if it specifies restrictions, causes any further lynx.cfg files or
    command-line restrictions to be ignored or processed only as
    _additional_ restrictions)

  - ability to define a shorthand ("ANONYMOUS_RESTRICTIONS" setting in
    lynx.cfg), so that running `lynx -anonymous` restricts an
    admin-specified set of capabilities.  This is really just a
    convenience, it only applies if the user is in a controlled
    environment where the admin is supplying the Lynx command-line
    options (i.e. "-anonymous").  Convenient because there may be
    several such Lynx invocations throughout the admin's controlled
    environment; this provides a single point of control.


; To UNSUBSCRIBE: Send "unsubscribe lynx-dev" to address@hidden

reply via email to

[Prev in Thread] Current Thread [Next in Thread]