Skip to content
Snippets Groups Projects
Select Git revision
  • dd_msg_area_chooser_coloring_fix_and_separator_char_fix
  • dailybuild_linux-x64
  • dailybuild_win32
  • master default protected
  • sqlite
  • rip_abstraction
  • dailybuild_macos-armv8
  • dd_file_lister_filanem_in_desc_color
  • mode7
  • dd_msg_reader_are_you_there_warning_improvement
  • c23-playing
  • syncterm-1.3
  • syncterm-1.2
  • test-build
  • hide_remote_connection_with_telgate
  • 638-can-t-control-c-during-a-file-search
  • add_body_to_pager_email
  • mingw32-build
  • cryptlib-3.4.7
  • ree/mastermind
  • sbbs320d
  • syncterm-1.6
  • syncterm-1.5
  • syncterm-1.4
  • sbbs320b
  • syncterm-1.3
  • syncterm-1.2
  • syncterm-1.2rc6
  • syncterm-1.2rc5
  • push
  • syncterm-1.2rc4
  • syncterm-1.2rc2
  • syncterm-1.2rc1
  • sbbs319b
  • sbbs318b
  • goodbuild_linux-x64_Sep-01-2020
  • goodbuild_win32_Sep-01-2020
  • goodbuild_linux-x64_Aug-31-2020
  • goodbuild_win32_Aug-31-2020
  • goodbuild_win32_Aug-30-2020
40 results

security.html

Blame
    • security.html 17.01 KiB 
    <html>

<head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
<meta name="GENERATOR" content="Microsoft FrontPage 4.0">
<meta name="ProgId" content="FrontPage.Editor.Document">
<title>ARS Security</title>
</head>

<body>

<!--webbot bot="Include" U-Include="_borders/top.htm" TAG="BODY" startspan -->

<a href="http://www.synchro.net"><img border="0" src="images/synclogo_fancyred.png" alt="Synchronet BBS - Multinode Bulletin Board Software" width="626" height="86"></a>

<hr>

<!--webbot bot="Include" endspan i-checksum="23126" -->

<p><a name="top"></a><a href="sysop.html#TOC">Back to Table of Contents</a></p>

<h2><a name="Introduction">[7.1] - Introduction to ARS
Security</a></h2>
<pre>ARS stands for Access Requirement Strings. Access requirement strings are used
to specify the requirements of a user to have access to features/sections of a
Synchronet BBS. The string can consist entirely of English key words and
numbers or use short-hand symbols to fit a large number of security
requirements into the 40 character space allowed for access requirement
strings. Short-hand symbols and key words may be used interchangeably and
combined in the same string. For clarity, it is suggested you use the key words
whenever possible. The string syntax is as follows:

<b>usage: [not] [parm] [not] [equal] &lt;value&gt; [or] [and] [...]</b>

<i>where:</i> <b>not</b>      is the word &quot;NOT&quot; or the symbol '!' to specify reverse logic
       <b>parm</b>     is one of any keywords (or short-hand symbols) that specifies
                a specific required parameter (default is LEVEL)
       <b>equal</b>    is the word &quot;EQUAL&quot;, &quot;EQUALS&quot;, the words &quot;EQUAL TO&quot;, or the
                symbol '=' to specify exact equality required
       <b>value</b>    the required value (for either minimum requirement or equality)
       <b>or</b>       the word &quot;OR&quot; or the symbol '|' used to specify that ANY of two
                or more parameter values MAY be met to match the requirement
       <b>and</b>      the word &quot;AND&quot; or the symbol '&amp;' may be used for clarity in
                reading when specifying that two or more parameter values MUST
                be met to match the requirement</pre>
<h2><a name="Keywords/Symbols">[7.2] - Key words and Symbols</a></h2>
<pre><b>Key word      Symbol	Description
</b>------------------------------------------------------------------------------
AND		&amp;	More than one requirement (optional)
NOT		!	Logical negation (e.g. NOT EQUAL)
EQUAL		=	Equality required
OR		|	Either of two or more parameters is required
AGE		$A	User's age (years since birthdate, 0-255)
ANSI		$[	User has ANSI terminal (no value argument)
BPS		$B	User's current connect rate (bps)
CREDIT		$C	User's number of credits in Kilobytes (0-65535)
DAY		$W	Day of the week (Sun, Mon, Tue, etc. or 0-6)
DIR		$J	Current file directory (Internal code or 1-65535)
DOS			Current node is running SBBS4DOS (no value argument)
EXEMPT		$X	Exemption flag (A-Z)
EXPERT			User is in expert menu mode (no value argument)
EXPIRE		$E	Days till user account expires (0-65535)
FILE_CMDS		Number of executed file menu commands (0-65535)
FLAG		$F	User's flag (1-4) and (A-Z)
GROUP		$M	Current message group (1-65535)
LASTON		$Y	Days since last logon (0-65535)
LEVEL		$L	User's level (0-99)
LIB		$I	Current file library (1-65535)
LOCAL		$G	Logged on locally (no value argument)
MAIN_CMDS		Number of executed main menu commands (0-65535)
    NODE		$N	Current node (1-250)
OS2			Current node is running SBBS4OS2 (no value argument)
PCR		$P	User's post/call ratio (0-100)
QUIET			User is in quiet mode
RANDOM		$Q	Random number between 0 and value argument (0-65535)
REST		$Z	Restriction flag (A-Z)
RIP		$*	User has RIP terminal (no value argument)
SEX		$S	User's sex/gender (M or F)
SUB		$H	Current message sub-board (Internal code or 1-65535)
SYSOP			User has level 90 or temp sysop (no value argument)
TIME		$T	Time of day (HH:MM, 0-23:59)
TLEFT		$R	User's time left online (minutes, 0-255)
TUSED		$O	User's time online this call (minutes, 0-255)
UDR		$K	User's upload/download ratio (0-100)
UDFR		$D	User's upload/download file ratio (0-100)
USER		$U	User's number (1-xxxx)
WIP			User has WIP compatible terminal (no value argument)
UNIX			BBS is running on a UNIX clone</pre>
<h2><a name="GeneralUsageExamples">[7.3] - ARS General Usage Examples</a></h2>
<pre><b>General Example #1</b>

LEVEL 60

This string specifies that only users with a level of 60 OR HIGHER meet this
requirement. The space between the level and the required value is optional:

LEVEL60

is functionally equivalent, but doesn't read as well. You may also use short
hand symbols in place of key words to save space:

$L 60

is also functionally equivalent. Once again, the space between the short hand
symbol and the required value is optional. If a parameter is not specified,
the requirement is assumed to be LEVEL. So the following string:

60

is also valid and evaluates the same as the above strings.

<b>General Example #2</b>

NOT LEVEL 60

This string specifies that only users with a level BELOW 60 will meet the
requirement. The &quot;NOT&quot; key word can be include before or after the parameter:

LEVEL NOT 60

evaluates identically to the first string in this example.

Short-hand symbols may be used to abbreviate the string:

LEVEL !60

$L!60

!60

have exactly the same meaning as the first string in this example.

<b>General Example #3</b>

LEVEL EQUAL 60

This string specifies that only users with a level EQUAL TO 60 will meet
this requirement. The key word &quot;EQUALS&quot; or the combination &quot;EQUAL TO&quot; may
be used in place of &quot;EQUAL&quot; if preferred:

    LEVEL EQUALS 60

and

LEVEL EQUAL TO 60

are both functionally equivalent to the first string in this example. Again,
short-hand symbols may be used to make the string shorter:

LEVEL = 60

evaluates identically to the above example strings and the space on either side
of the '=' symbol are also optional:

LEVEL=60

is valid and may be preferred by some sysops. Since level is the default
parameter type, the following string is also valid:

=60

<b>General Example #4</b>

LEVEL 60 AND FLAG 1A

This string indicates that the user must have a level of 60 or higher AND have
the flag 'A' from flag set #1. The user must meet both requirements in order to
be considered as meeting all the requirements of the string. The &quot;AND&quot; portion
of the string is only included for clarity in reading and is optional:

LEVEL 60 FLAG 1A

has the same meaning, but may be confusing when read. When specifying a flag
from flag set #1, the set number may be eliminated:

LEVEL 60 AND FLAG A

is functionally the same and is the preferred method of referring to flags from
flag set #1. When specifying the flag set, spaces can be on either side of
the number, or eliminated entirely:

LEVEL 60 AND FLAG1 A

and

LEVEL 60 AND FLAG 1 A

and

LEVEL 60 AND FLAG1A

have the same meaning as the first string in this example, but are probably
not as easy to read as the second string in this example.

The following strings all have the same meaning as the first string in this
example but have been shortened using symbols and other short-cuts:

LEVEL 60 &amp; $F A

$L60 AND $FA

$L60$FA

60$FA

but for reasons of clarity, the first string is preferred if space allows.

<b>General Example #5</b>

SEX F OR LEVEL 90
    
This string specifies that the user must be of FEMALE gender OR have a level
of 90 or higher. The following strings are functionally equivalent to the
above:

SEX F | LEVEL 90

SEXF|LEVEL90

$SF | $L90

$SF|$L90

<b>General Example #6</b>

USER NOT EQUAL TO 20

This string specifies that user #20 will not meet the requirement.

Shortened using symbols:

$U!=20

<b>General Example #7</b>

BPS 9600 OR NOT TIME 19:00

This string specifies that the user must be connected at 9600bps or higher,
OR the time of day must be before 7pm. The value for the TIME parameter
is in the format 24 hour format of HH:MM. If the specified time is on an even
hour, then &quot;:00&quot; portion may be omitted:

BPS 9600 OR NOT TIME 19

has the same meaning.

You may also omit the &quot;00&quot; from the BPS value to shorten the string:

BPS 96 OR NOT TIME 19

Shortened versions:

$B 9600 OR NOT $T19

BPS9600|!TIME19

$B96|!$T19

<b>General Example #8</b>

BPS 9600 OR TIME NOT 18:00 OR TIME 21:30

This string specifies that the user must be connected at 9600bps or higher,
OR the time of day must be before 6pm, OR the time of day must be after
9:30pm.

When specifying multiple parameters of the same type consecutively (in this
example, two of the required parameters are &quot;TIME&quot;), the parameter does
not need to be restated. For example, the string:

BPS 9600 OR TIME NOT 18:00 OR 21:30

has the same meaning as the first string in this example.

Shortened versions:

$B 9600 OR NOT $T 18 OR 21:30

$B96|$T!18|21:30

    <b>General Example #9</b>

FLAG A OR FLAG B OR FLAG C OR LEVEL 90

The above string specifies that a user must have flag A, flag B, flag C, (all
from flag set #1) or a level of 90 or higher to meet the requirement. Using the
&quot;sticky&quot; parameter type feature of AR Strings, we can shorten the line:

FLAG A OR B OR C OR LEVEL 90

Utilitizing symbols, we can shorten it even further:

FLAG A|B|C OR LEVEL 90

Taking it to extremes:

$FA|B|C|$L90

<b>General Example #10</b>

USER EQUALS 145 OR LEVEL 90

This string indicates that user number 145 will meet the requirement and all
users with level 90 and higher (sysops).

Best shortened as:

USER=145 OR LEVEL 90

For ultimate compression:

$U=145|$L90

<b>General Example #11
</b>
LEVEL 60 AND FLAG X AND FLAG Y AND FLAG Z

Compressed examples:

LEVEL 60 AND FLAG X AND Y AND Z

LEVEL 60 AND FLAG X Y Z

LEVEL 60 FLAG XYZ

LEVEL60 FLAGXYZ

$L60 $FXYZ

60$FXYZ

<b>General Example #12
</b>
FLAG 2A OR FLAG 2B OR FLAG 4Z

This string specifies that the user must have either flag 'A or 'B' from flag
set #2, or flag 'Z' from flag set #4. Using the &quot;sticky&quot; parameter type
feature, this could be shortened to:

FLAG 2A OR B OR FLAG 4Z

If the flag set is not #1, you MUST specify the flag set number when using
the FLAG keyword.

Example:

FLAG 2A OR FLAG B OR FLAG 4Z

is NOT the same as the first two strings in this example. The second flag (B)
would be considered as from flag set #1, since a flag set number was not
    specified.

Correct and shortened version:

FLAG2A|B OR FLAG4Z

$F2A|B|$F4Z

Note: Multiple flag sets were developed for advanced sysops who found that
      the 26 flag limitation (A-Z) was insufficient and requested additional
      flag capabilities. Most sysops will probably not find it necessary to
      use more than 26 flags, and therefore have no need for flag sets 2
      through 4.

<b>General Example #13</b>

NOT FLAG 2G

This string specifies that the user most not have flag 'G' from flag set #2.
The NOT keyword can appear in several places in this string while keeping
the exact same meaning:

FLAG NOT 2G

FLAG 2 NOT G

Condensed versions:

!$F2G

$F!2G

$F2!G</pre>
<h2><a name="NestingExpressions">[7.4] - Nesting Expressions</a></h2>
<pre>All of the above string examples have been single expressions that evaluate to
either true of false. Sometimes, you may wish to require access to an area
using &quot;nested&quot; logic.

Example: If the user is level 90+, OR the user has the A flag, AND is 21+
         years of age or older.

The above example could be read two ways.

1: The user must have level 90+, and either the A FLAG or be 21+ years old.

2: The user must be 21+ years old and have either the A FLAG or level 90+.

To clarify which of the above methods were intended, we use parentheses to
separate the two true/false expressions.

1: LEVEL 90 OR (FLAG A AND AGE 21)

2: (LEVEL 90 OR FLAG A) AND AGE 21

Strings 1 and 2 are interpreted differently and correlate to the above two
English logic statements.

Whenever using a combination of AND and OR logic, nested expressions are
required. The following string:

LEVEL 90 OR FLAG A AND AGE 21

is INVALID and would most likely NOT produce the desired results.

Expressions may be nested, using parenthesis, as deep as is required.

Example:

((LEVEL 80 OR FLAG S) AND AGE 18) OR LEVEL 90

    is a VALID string that would evaluate with the following:

User with level of 80 and age 17 would not qualify
User with level of 80, flag S and age 17 would not qualify
User with level of 80 and age 18 would qualify
User with flag S and age 18 would qualify
Any user with level 90+ would qualify regardless of age or flags</pre>
<h2><a name="NestedLogicExamples">[7.5] - ARS Nested Logic Examples</a></h2>
<pre><b>Nested Example #1
</b>
BPS 9600 OR (BPS 2400 AND TIME NOT 15:00)

User must be connected at 9600bps or higher, OR be connected at 2400bps or
higher and the time of day being before 3pm. 9600bps and higher callers would
always meet this requirement. 2400-7200bps callers will only meet this
requirement between 12:00 midnight and 3pm in the afternoon. 1200bps and slower
callers would never meet this requirement.

Note, that when nesting expressions, the parameter type DOES NOT stick from
one expression to another. Example:

BPS 9600 OR (2400 AND TIME NOT 15:00)

Is an INVALID string. The 2400 would be interpreted as a LEVEL requirement
since it is as the beginning of a new expression and LEVEL is the default
parameter type.

The first (correct) string in this example, can of course also be shortened
using symbols (and eliminating the AND key word):

$B9600|($B2400$T!15)

<b>Nested Example #2</b>

(SEX M AND AGE 21) OR (SEX F AND AGE 18)

This string specifies that only male users of 21 years and older and female
users of 18 and older will meet the requirement.

Shortened Example:

($SM$A21)|($SF$A18)

The logic of the above string is more verbose than necessary and could be
reduced to:

AGE 21 OR (SEX F AND AGE 18)

producing the same results.

<b>Nested Example #3<u>
</u></b>
(BPS 2400 AND PCR 20) OR LEVEL 90

This string would indicate that users of any level will have access if they
are connected at 2400bps and have a Post/Call ratio of 20% or higher - OR
the users has as least level 90 (sysop).

Utilizing the default parameter type of level, the LEVEL key word can be
omitted:

(BPS 2400 AND PCR 20) OR 90

to create a functionally equivalent, though more confusing, AR string.

A better way to shorten the string would be to eliminate the AND keyword
and use symbols:

($B 2400 $P 20) | $L 90

    Eliminating the spaces creates an even more compact string:

($B2400$P20)|$L90

<b>Nested Example #4<u>
</u></b>
NOT (USER=1 OR USER=20)

All users will meet this requirement accept user #1 and user #20.

The above string could also be stated in a non-nested format with the same
results:

NOT USER=1 AND NOT USER=20

though the meaning is not quite as clear, they are functionally the same.

Note: The second method requires 2 bytes less in raw logic storage because it
      is not nested and will be interpreted slightly faster (by a matter of
      microseconds). Just in case you were wondering...

<b>Nested Example #5<u>
</u></b>
LEVEL 90 OR (TIME 12:00 AND TIME NOT 18:00)

Users with level 90 or higher will always meet this requirement. Users with
levels below 90 will only meet this requirement between 12 noon and 6pm.

Re-arranged:

(TIME 12:00 AND TIME NOT 18:00) OR LEVEL 90

the string has exactly the same meaning. Eliminating the unnecessary occurrence
of the second &quot;TIME&quot; parameter shortens the string while keeping it easily
readable:

(TIME 12:00 AND NOT 18:00) OR LEVEL 90

Maximum compression:

($T12!18)|90</pre>
<p><a href="#top"><b>Back to Top</b></a></p>

<!--webbot bot="Include" U-Include="_borders/bottom.htm" TAG="BODY" startspan -->

<hr>
<p><b><a href="http://www.synchro.net/copyright.html">Copyright</a> © 2000 by </b> <a href="http://www.synchro.net/author.htm"><b>Rob Swindell</b><br>
</a>

<a href="http://www.synchro.net"><font size="2"><br>
Synchronet BBS Software</font></a>  <font size="2">  (Synchronet)
Version 3 is comprised of several documentation,<br>
library, executable, and <a href="http://www.synchro.net/source.html">source code</a> 
files, all of which are covered by the<a href="http://www.fsf.org/copyleft/gpl.html">
<br>
GNU General Public License</a>  with the exception of the following portions
covered by<br>
the <a href="http://www.fsf.org/copyleft/lesser.html">GNU Lesser General Public License</a>:
SMBLIB and XSDK.<br>
<br>
Synchronet Version 2 (for DOS and OS/2) and its source code was released to the<a href="http://www.fsf.org/philosophy/categories.html#PublicDomainSoftware">
<br>
Public Domain</a>  by <a href="ftp://vert.synchro.net/main/sbbs/manifest.txt">Digital Dynamics</a> 
in 1997 and remains Public Domain software today.<br>
Synchronet Version 3 is not Public Domain software.</font></p>
<p align="left"><font size="2"><a href="http://www.synchro.net/author.html">Rob Swindell<br>
</a>PO Box 501<br>Yorba Linda, CA 92885<a href="http://www.synchro.net"><br>
http://www.synchro.net</a>

</font></p>
    <p align="left"><font size="2">For the complete Copyright Information please
read the <a href="http://www.synchro.net/copyright.html">Copyright Documentation</a>
.</font></p>

<!--webbot bot="Include" endspan i-checksum="55766" -->

</body>

</html>