lynx-dev
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: lynx-dev order of cfg reading


From: Henry Nelson
Subject: Re: lynx-dev order of cfg reading
Date: Wed, 11 Apr 2001 09:47:31 +0900 (JST)

> only if this is not present fall back to the systemwide, a user
> might just get the sources, take the example cfg and change all
> the values to his gusto (including what I do NOT want him to use).

I don't understand what you are implying here.  If you are talking
about running an "anonymous" or "public access" lynx, then you should
read about that in the documentation.  If indeed you are talking about
that situation, my personal recommendation would be that you build a
binary specifically for that purpose.  However, to the best of my
knowledge, Lynx is safe to run in anonymous mode using the exact same
binary as for privileged users.  Just be sure that you have ANONYMOUS_USER
defined in userdefs.h, and run lynx for those users with the -restrictions
that you need.  They will have no access to lynx.cfg at all.  You may want
to put the whole thing in a wrapper for added protection.  In particular,
I would advise against giving the anonymous user a valid shell.  Carefully
read "Section 4" of userdefs.h, including the following:

 * It is very important to have this correctly defined or include
 * the "-anonymous" command line option for invocation of Lynx
 * in an anonymous account!  If you do not you will be putting
 * yourself at GREAT security risk!
 */
#define ANONYMOUS_USER ""     /* PUT SOMETHING BETWEEN THOSE QUOTES!! */

If you are talking about trying to limit certain features according to
some arbitrary criterion you may have for a certain class of privileged
users, then this is a system administration problem and is beyond the
scope of Lynx, i.e., you're barking up the wrong tree.

__Henry

; To UNSUBSCRIBE: Send "unsubscribe lynx-dev" to address@hidden

reply via email to

[Prev in Thread] Current Thread [Next in Thread]