• src/sbbs3/answer.cpp ftpsrvr.c login.cpp logon.cpp

    From Rob Swindell@VERT to Git commit to main/sbbs/master on Sunday, February 20, 2022 17:03:23
    https://gitlab.synchro.net/main/sbbs/-/commit/3632b9c328d19fcd803cdb75
    Modified Files:
    src/sbbs3/answer.cpp ftpsrvr.c login.cpp logon.cpp
    Log Message:
    Change the semantics of the "Allow Sysop Logins" setting in SCFG->System

    As Andre pointed out while documenting this setting on the wiki, the option seemed confusing: if a sysop could not login with "system operator access", how could they login at all? Answer: they could not.

    This setting used to be called "Allow Remote Sysop Logins", back when there was the concept of a "local login", so setting this option to "No" would mean that user accounts with sysop access could only be used for *local* login. But in Synchronet v3, there's really no such concept as a "local login", so it was changed to just "Allow Sysop Logins" (period) and not a lot of thought given to how/why a sysop would actually set to this "No" or what the implications would be (presumably, nobody ever sets this to "No").

    So rather than just get rid if the option altogether, I changed it to mean: an account with sysop access (i.e. level 90+) can still login, but any action that normally requires the system password will not be allowed. This includes the sysop-actions available in the FTP server when authenticating with <user-pass>:<system-pass> as the password. The sysop-user can still authenticate (and login), but none of those sysop-actions will be available to them.

    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net