I would like to set up a rslight install that does not allow unauthenticated users to list groups or read articles.

Is there a way to prevent anonymous NNTP reader access and require authentication to list newsgroups and issue commands?

I am thinking along the lines of how Eternal September has their newsgroup access configured. A user must have an account to see the newsgroups or pull articles.

--
3883@sugar.bug | sybershock.com | alt.sources.crypto | sci.crypt

On Mon, 11 Mar 2024 00:07:31 +0000, SugarBug wrote:

> I would like to set up a rslight install that does not allow unauthenticated users to list groups or read articles.
>
> Is there a way to prevent anonymous NNTP reader access and require authentication to list newsgroups and issue commands?
>
> I am thinking along the lines of how Eternal September has their newsgroup access configured. A user must have an account to see the newsgroups or pull articles.

That feature does not exist, but I can add it. It's a good feature as long
as there is a config toggle to turn it on or off.

Right now you can read without auth, but auth is required for posting. At
least it's meant to be that way unless you're seeing otherwise.

At first, I would just require auth for all groups. We could add a config
array after that to allow some groups but it's just more work.

I'll take a look at starting on this in a couple of days.

On Sun, 10 Mar 2024 17:15:49 -0700
Retro Guy <retroguy@novabbs.org> wrote:

> On Mon, 11 Mar 2024 00:07:31 +0000, SugarBug wrote:
>
> > I would like to set up a rslight install that does not allow unauthenticated users to list groups or read articles.
> >
> > Is there a way to prevent anonymous NNTP reader access and require authentication to list newsgroups and issue commands?
> >
> > I am thinking along the lines of how Eternal September has their newsgroup access configured. A user must have an account to see the newsgroups or pull articles.
>
> That feature does not exist, but I can add it. It's a good feature as long
> as there is a config toggle to turn it on or off.
>
> Right now you can read without auth, but auth is required for posting. At
> least it's meant to be that way unless you're seeing otherwise.
>
> At first, I would just require auth for all groups. We could add a config
> array after that to allow some groups but it's just more work.
>
> I'll take a look at starting on this in a couple of days.

Great! I'll check back probably by the weekend and test it.

--
3883@sugar.bug | sybershock.com | alt.sources.crypto | sci.crypt

On Mon, 11 Mar 2024 01:41:38 +0000, SugarBug wrote:

> On Sun, 10 Mar 2024 17:15:49 -0700
> Retro Guy <retroguy@novabbs.org> wrote:
>
>> On Mon, 11 Mar 2024 00:07:31 +0000, SugarBug wrote:
>>
>>> I would like to set up a rslight install that does not allow unauthenticated users to list groups or read articles.
>>>
>>> Is there a way to prevent anonymous NNTP reader access and require authentication to list newsgroups and issue commands?
>>>
>>> I am thinking along the lines of how Eternal September has their newsgroup access configured. A user must have an account to see the newsgroups or pull articles.
>>
>> That feature does not exist, but I can add it. It's a good feature as long
>> as there is a config toggle to turn it on or off.
>>
>> Right now you can read without auth, but auth is required for posting. At
>> least it's meant to be that way unless you're seeing otherwise.
>>
>> At first, I would just require auth for all groups. We could add a config
>> array after that to allow some groups but it's just more work.
>>
>> I'll take a look at starting on this in a couple of days.
>
> Great! I'll check back probably by the weekend and test it.

I have it working now, but I'll do some more testing before I push it to
gitlab. It was pretty simple.

Retro Guy wrote:

> On Mon, 11 Mar 2024 01:41:38 +0000, SugarBug wrote:

>> On Sun, 10 Mar 2024 17:15:49 -0700
>> Retro Guy <retroguy@novabbs.org> wrote:
>>
>>> On Mon, 11 Mar 2024 00:07:31 +0000, SugarBug wrote:
>>>
>>>> I would like to set up a rslight install that does not allow unauthenticated users to list groups or read articles.
>>>>
>>>> Is there a way to prevent anonymous NNTP reader access and require authentication to list newsgroups and issue commands?
>>>>
>>>> I am thinking along the lines of how Eternal September has their newsgroup access configured. A user must have an account to see the newsgroups or pull articles.
>>>
>>> That feature does not exist, but I can add it. It's a good feature as long
>>> as there is a config toggle to turn it on or off.
>>>
>>> Right now you can read without auth, but auth is required for posting. At
>>> least it's meant to be that way unless you're seeing otherwise.
>>>
>>> At first, I would just require auth for all groups. We could add a config
>>> array after that to allow some groups but it's just more work.
>>>
>>> I'll take a look at starting on this in a couple of days.
>>
>> Great! I'll check back probably by the weekend and test it.

> I have it working now, but I'll do some more testing before I push it to
> gitlab. It was pretty simple.

This commit has been pushed to gitlab:
https://gitlab.com/rslight-public/rocksolid-light

The changed file is $config_dir/scripts/rslight-lib.php

You need to enable this feature in overrides.inc.php by adding:

// Require authentication for all commands to nntp server
'nntp_full_auth_required' => true,

This will require auth for all commands to nntp server (not mode, authinfo or quit of course).

--
Retro Guy

Retro Guy wrote:

> Retro Guy wrote:

>> On Mon, 11 Mar 2024 01:41:38 +0000, SugarBug wrote:

>>> On Sun, 10 Mar 2024 17:15:49 -0700
>>> Retro Guy <retroguy@novabbs.org> wrote:
>>>
>>>> On Mon, 11 Mar 2024 00:07:31 +0000, SugarBug wrote:
>>>>
>>>>> I would like to set up a rslight install that does not allow unauthenticated users to list groups or read articles.
>>>>>
>>>>> Is there a way to prevent anonymous NNTP reader access and require authentication to list newsgroups and issue commands?
>>>>>
>>>>> I am thinking along the lines of how Eternal September has their newsgroup access configured. A user must have an account to see the newsgroups or pull articles.
>>>>
>>>> That feature does not exist, but I can add it. It's a good feature as long
>>>> as there is a config toggle to turn it on or off.
>>>>
>>>> Right now you can read without auth, but auth is required for posting. At
>>>> least it's meant to be that way unless you're seeing otherwise.
>>>>
>>>> At first, I would just require auth for all groups. We could add a config
>>>> array after that to allow some groups but it's just more work.
>>>>
>>>> I'll take a look at starting on this in a couple of days.
>>>
>>> Great! I'll check back probably by the weekend and test it.

>> I have it working now, but I'll do some more testing before I push it to
>> gitlab. It was pretty simple.

> This commit has been pushed to gitlab:
> https://gitlab.com/rslight-public/rocksolid-light

> The changed file is $config_dir/scripts/rslight-lib.php

> You need to enable this feature in overrides.inc.php by adding:

> // Require authentication for all commands to nntp server
> 'nntp_full_auth_required' => true,

> This will require auth for all commands to nntp server (not mode, authinfo or quit of course).

Did this end up working for you?

--
Retro Guy