Re: Q: access control problem

[Matthias.Apitz@SOFTCON.de (Matthias Apitz)]

Andreas Eulitz wrote:
    
    HylaFAX version:	v4.0 pl 0
    running on host:	Linux PC (v1.2.13 Kernel, CND distr.)
    compiled with:		gcc 2.7.0
    modem:			Creatix LC144 
    client PC's via:	WinFlex v0.4 beta
    
    I'm running HylaFAX on the configuration stated above. It's a beautifully 
    crafted software (honestly), thanks to uncle Sam :-). I got the following
    (probably WinFlex related) problem:
    
    
    Q: How can I restrict client access via WinFlex to the users named in
      <spooling_area>/etc/hosts? Access is possible though neither the
      user nor the client PC is in <spooling_area>/etc/hosts.
    
      (guess: WinFlex uses the old version 3 hfaxd protocol, does it
       allow access without a proper login procedure?)

The old protocol in hfaxd(1M) has also some checkUser support
but only for some of the operations (for details check the source
in hfaxd/OldProtocol.c++ OldProtocolServer::cmds[]); you can only
contact the server and ask for the status without checkUser;
    
    Playing around with multiple user access I encountered another problem:
    
    Q: Being FaxMaster / root@faxserver, how can I delete somebody else's
       fax jobs? faxrm <job_id> fails with the message
         "Operation not permitted" (or the like)
       Tracing faxrm's communication with hfaxd via the -v option reveals
       that faxrm won't go for ADMINistrative rights even if the user invoking
       faxrm has a admin password set in <spooling_area>/etc/hosts.
    
       (cure: Yes, I could always
          % telnet localhost fax
          USER xxx
          PASS psst!
          ADMIN psssssst!!
          JKILL nnn
          QUIT
        but this a bit wicked to do every time :-()

faxrm(1) has no support for ADMIN; someone should write new/better
clients;

	matthias