LISTSERV - LSTSRV-L Archives - COMMUNITY.EMAILOGY.COM

LSTSRV-L Archives

LISTSERV Site Administrators' Forum

LSTSRV-L

	LISTSERV Archives
	LSTSRV-L Home

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives
Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Topic:	[<< First] [< Prev] [Next >] [Last >>]
GETALL, PUTALL, new password scheme for PUT
Eric Thomas <ERIC@FRECP11>
Wed, 13 May 1987 21:09 SET
text/plain (86 lines)
  Release 1.5j implements  2 new commands, GETALL and PUTALL,  which allow the
postmaster or any filelist-owner to override  the GET/PUT FAC he specified for
any file under his control. The syntax is exactly the same as GET and PUT, but
it takes more CPU time to execute of course. The algorithm is very simple:
 
- If  you can  GET  (resp  PUT) a  file,  you can  GETALL  (PUTALL)  it at  no
  additional CPU cost. Otherwise you enter the following algorithm:
 
o If  you can  PUT or  PUTALL the filelist  which contains  the file,  you can
  PUTALL it.
 
o If  you can  PUT or  GETALL the filelist  which contains  the file,  you can
  GETALL it.
 
  Don't  be  mislead by  the  recursive  definition:  the code  that  actually
implements it is NOT  recursive -- we don't have any  CPU/storage to waste, do
we? :-) As implemented it is about 50% slower than a normal PUT for two levels
of nesting (LISTSERV FILELIST <-- CONTROL FILELIST <-- file).
 
  In good english  it means that if  you can modify the  filelist that defines
the file, you can change the appropriate  FAC and become an owner of it. Ditto
if you can modify  the filelist that defines the filelist  that (...). You got
it :-) So  instead of doing the  GET/PUT on the filelist, then  GET/PUT on the
target file and  another GET/PUT on the filelist to  set things back straight,
LISTSERV allows you to do a GETALL  or a PUTALL directly if you really (badly)
need to GET/PUT the file. For example,  if a new LISTSERV is installed and has
an obsolete version of BITEARN VERSION  in its CONTROL FILELIST, I could issue
a PUTALL  command to  update the file  without having to  bother Bert  with it
because CONTROL  FILELIST is PUT=LMC (will  be -- with 1.5i  all filelists are
PUT=N/A because you just could not PUT them :-) ). Another application is that
the postmaster  can now issue  a PUTALL command on  PEERS NAMES and  enjoy the
automatic table refreshing (because LISTSERV  FILELIST is PUT=CTL), instead of
doing  a PUTC  and then  having to  issue a  few CMS  commands to  rebuild the
tables. :-)
 
  Important  note:  under no  condition  of  privilege  or ownership  can  you
override a FAC  of N/A. N/A means  just what it means, NOT  APPLICABLE. When I
set a file to  PUT=N/A, it generally means that executing a  PUT command on it
might have very  nasty adverse effects and it should  not be allowed. Example:
the entry is for  a file that does not really exist but  is under control of a
File  Access Validation  exit  which generates  a  caller-dependent file  when
called  for  a GET  command  (that's  a  possible LISTSERV  implementation  of
NETSERV's "GET  NODENTRY nodeid" command). The  file is mapped to  some fileid
because there must  always exist a fileid  for each file (even if  it's just a
place holder), but it must NEVER be PUT, under NO condition.
 
  An important drawback is  that if you have a File  Access Validation exit on
one of  your filelists (eg LISTSERV  FILELIST) and decided for  some reason to
set  the  PUT FAC  to  ALL  because the  FAV  exec  does all  the  userid@node
validation, you are allowing anybody to  GETALL/PUTALL anything. This is not a
security problem since release 1.5j forces a  built-in FAV to be called when a
PUT takes place on  a filelist (to check the contents of  the filelist) -- the
original  FAV, if  any, is  ignored.  It is  just a  permanent restriction  of
LISTSERV --  filelists cannot  have their  FAV called  during the  PUT command
processing.
 
  I have  also revised the PUT  command password scheme. The  algorithm is now
different:
 
- If  you have  a  personal password  (from  PW ADD),  then  this password  is
  accepted for ANY PUT/PUTALL command coming from you.
 
- If you do have  a personal password but opt to  use the filelist-defined one
  (or,  when applicable,  the  list password),  it's ok  too.  You choose  the
  password you want.
 
- If you  don't have a  personal password,  you MUST use  the filelist-defined
  one.
 
  This means that  you can use your  personal password for all  your local PUT
commands, and  you don't have  to resort to the  filelist one unless  your PUT
command is going to be distributed to servers where you don't have a password,
or where  your password is  different. It gives  you more freedom  while still
allowing you to PUT NODIST a file on any server if there is a problem with it,
even if you don't have a password on that server.
 
  Finally, there  is a new  keyword to  the PUT command:  CKDATE=YES (requires
DATE= to be specified).  This cause the server to compare the  date of the new
file (from  DATE=) with that  of the  old file, and  reject the PUT  if you're
sending an older  file. In other words,  if you're putting one  file today and
again tomorrow  while the file queues  had prevented the first  one from going
through, you can  be sure that the  old one will not overwrite  the latest one
just because it was smaller :-)
 
  Eric
ATOM RSS1 RSS2
COMMUNITY.EMAILOGY.COM