**This is an old revision of the document!**
Security Levels
This section discusses the Security Levels menu option of PCBSetup. From this menu option, you can control the security level that is required to execute commands or certain functions. The following page begins by discussing how to protect SysOp functions.
Sysop Functions
The fields on this screen give you the ability to control what security level is required to execute the SysOp Commands (1-15). Each of the 15 SysOp commands are represented on this screen. The fact that you can assign different levels to different commands, gives you the ability to have several users who help with SysOp duties. You can then give users access to only those commands that they are required to perform their tasks. The rest of the commands can have higher security levels assigned to them to prevent unauthorized access.
Sysop Commands
Throughout PCBoard there are certain operational characteristics that were designed for SysOp use. For example, there are subcommands available at the End of Message Command prompt that will enable a user to COPY or MOVE the current message to a new conference. Obviously, you do not want all users to have this capability. The security levels required to use functions/commands like the previous example are controlled on this screen.
Sysop Level (for Sysop Menu and F1-Temp-Sysop Upgrade)
The value that you enter in this field determines the minimum security level that constitutes a user being seen as a SysOp. For example, if you enter 100 in this field, any user with a security level of 100 or higher will be seen as a SysOp by PCBoard. This means that these users will see the SysOp menu at the conference command prompt instead of the normal user menu. Just because a user is seen as a SysOp does not mean that they have free reign on your system. Remember that you can control the security level required to execute virtually all of the functions and commands.
In addition, The security level that you enter in this field will be given to the user under the following circumstances.
You temporarily upgrade the access of a user that is online by using the F1 keyboard command. This new security level will only be in effect for the duration of the call. When the user calls in the next time, their old security level will be used.
There is a conference flag (C) which can be set in the user record which designates a user as a conference SysOp. If this flag is set in a conference that you user joins, their security level will be upgraded to the SysOp security level. This security level change will be in effect while the caller is in the conference where they are designated as a conference SysOp. When they leave the conference, their access will be returned to normal.
Level Needed to Read All Comments
In this field, enter the security level that is required for a user to be able to read comments that are left to the SysOp. Comments are seen as any messages that are left by users using the C user command. Because comments are assumed to be of the highest security nature, a user who meets the security level requirements of this field may also read any message on the system.
Level Needed to Read All Mail Except Comments
The security level that you enter in this field will be used to determine if a user may read private mail that is not from or to the current user. If a user has a security level that is equal to or greater than the level that is entered in this field then they may read any private mail with the exception of comments to the SysOp. The level needed to read comments is determined by the previous field on the screen.
Level Needed to Copy or Move Messages Between Areas
Sometimes it is extremely useful to be able to move or copy a message to a new conference. However, you do not want everyone to have this capability for obvious reasons. In order for a user to have the capability of moving or copying a message to a new conference, they must have a security level equal to or greater than the value that you enter in this field.
Level Needed to Enter @-Variables in Message Base
With the exception of @HANGUP@ and @DELAY:nn@, all macros can be entered in a message and displayed when viewing the message. For this reason, you may not want all callers to have this capability. For a user to be able to enter all @ macros such as @USER@ and @MORE@ they must have a security level equal to or greater than the value you enter in this field.
NOTE: All users, may enter @X color codes in their messages regardless of the security level you enter for this field.
Level Needed to Edit Any Message in the Message Base
There are two settings in PCBSetup that will determine if a user will be able
to edit a message. This setting controls whether or not a user can edit any
message they can read regardless if it was entered by them. There is also a
setting in PCBSetup | Security Levels | User Levels which controls the
security level required for a user to edit messages they have left.
Obviously, you are going to want to set the security level required to edit
any message higher than the level required to edit the user's own messages as
it follows the rules of common sense.
In order for a user to edit any message that they can read, they need to have a security level that is greater than or equal to the value you enter in the field on this screen. The ability to edit any message is a some-what powerful function, because you can make it look like people said something in a message that they really did not. Remember, to edit a message you type EDIT at the End of Message Command prompt.
Level Needed to NOT Update Msg Read Status (R O cmd)
The R O user command enables you to read messages without having your last message read pointer updated. This is quite useful for skimming through the message base because you can spend more time reading the messages at a later time. All of this is possible because when using this command, your last message read pointers are not updated.
This particular field will control whether or not PCBoard should avoid
marking the message as having been read when you are reading messages in read
only mode. You may not want all callers to be able to have this ability and
thus defeat your ability to tell if they have read their messages yet.
Setting the security level here outside the reach of your callers will keep
them from using this capability.
Level Needed to Use the BROADCAST Command
The broadcast command is used to send a one line message to a user on another node (or all nodes). In order for the user to be able to use the BR user command they must have a security level that is equal to or greater than the value that you enter in this field.
Level Needed to View the Private Upload Directory
The value you enter in this field will control whether or not a user can view
the private upload directory of the current conference while logged into the
system. If the security level of the caller is greater than or equal to the
value entered, they will be allowed to view the private upload directory.
When logged into the system, you can view file directories using the F user
command. To view the private upload directory of the current conference,
enter P at the directory prompt number.
Level Needed to Enter Generic Messages (@USER@)
When addressing a message, you can address it to @USER@, @##@ or @##-##@ (where ## is a security level) to make it appear that the single message is a personal message for each individual user. All of these messages are referred to as generic messages because one single message can appear to be a personal message for every user on your system.
The advantage of this is that a personal message will get more attention from the user than a message that is addressed to ALL. The disadvantage to using this method is that it can be obnoxious if used too frequently. You can control what users will be able to enter generic messages by entering the required security level to enter these messages in the field on this screen.
Level Needed to Edit Message Headers
The security level entered in this field will determine whether or not a user will be able to edit additional information of the message header by entering E at the End of Message Command prompt. The ability to edit the message header information gives you the ability to perform such operations as re-addressing the message, changing the security on the message, changing the FROM field, and more.
Level Needed to Protect/Unprotect a Message
At the End of Message Command prompt, you can enter U to make a message public or P to make a message private. The value you enter in this field will set the security level that is required for a user to be able to enter these commands.
Level Needed to Overwrite Files on Uploads
When a file already exists on the system, PCBoard will not allow a user to upload the same file. A user that has a security level equal to or greater than the value entered in this field can choose to:
- Remove the existing file
- Continue with the upload (leaving both the old and new files online)
- Abort the upload.
Level Needed to Set the Pack-Out Date on Messages
When entering a message, you can set the message security to D if you have sufficient security. This will enable you to set a date when the message you are about to enter will be automatically removed from the message base. This would be useful if whatever message you are entering is date sensitive. For example, if you offering a special subscription rate until July 1, 1994, you may want to set the pack-out date of the message to July 2, 1994 so that people logging in after the first will not see the message.
Level Needed to See All Return Receipt Messages
Normally a Return Receipt is useful only to the person that requested the return receipt. With this in mind, PCBoard will normally not show the Return Receipt to other users, not even the SysOp. In order to see return receipts that belong to others, you must have a security level equal to or greater than the level specified in this field.
User Commands
Security Levels Required
The top portion of this screen is split into two columns. These two columns list most of the user commands that are available inside of PCBoard. Next to each command description is a field. In each field, enter the minimum security level that is required to execute the command. If the user does not have sufficient security, then the user will receive a notice stating that the command is not available. In each field, you can enter any value between 0 and 255.
The rest of the commands (that are not listed) will be controlled by one of
those that are listed. For example, the FLAG command can be used if the D
command is accessible to the user. This makes sense, because the FLAG
command simply marks files for download. If the user is not capable of
downloading files, you do not want them flagging files. On this screen you
will also see four other fields you can define the security level for.
Level Required for BATCH File Transfers
In order for a user to transfer more than one file at a time, they must have
a security level that meets or exceeds the value you enter in this field.
When batch transfers are disabled, a user may only upload or download a
single file at a time.
Level Required to EDIT Your Own Messages
In this field, enter the security level that is required for a user to be able to edit the contents of messages they have left on the system. Messages are edited by typing EDIT at the End of Message Command prompt.
Users may find that editing their messages would be useful when carrier is lost while entering their message, or if they discover a spelling/grammatical error after saving the message. If you do not want to let your users edit their own messages, set this value to a high security level.
Level Given to Users Who Agree to Register
This field will enable you to determine what security level new users who agree to register on your system will be assigned. After the NEWUSER file is displayed, PCBoard asks the new user if they would like to register on the system. If they agree to register, they will be assigned the security level you enter in this field.
Level Given to Users Who Refuse to Register
If a new user decides not to register on your system, they will be given the security level that you enter in this field. By refusing to register, PCBoard is going to allow the user to look around and will not create a user record because they chose not to register.
You can immediately log the user off of the system if they refuse to register by assigning them a security level of 0. The security level of 0 will tell PCBoard to inform the user that they are being logged off because they refused to register.