Path: utzoo!utgpu!water!watmath!clyde!att!osu-cis!tut.cis.ohio-state.edu!mailrus!uwmcsd1!ig!agate!ucbvax!UBVMSC.CC.BUFFALO.EDU!MASRAD
From: MASRAD@UBVMSC.CC.BUFFALO.EDU (Rad)
Newsgroups: comp.os.vms
Subject: RE: creating a file in my account from another userid.
Message-ID: <8807061616.AA01095@ucbvax.Berkeley.EDU>
Date: 4 Jul 88 18:16:00 GMT
Sender: daemon@ucbvax.BERKELEY.EDU
Organization: The Internet
Lines: 36

Kevin,

>    i have a program that im writing (BBS) that attempts to create a file
>    in my directory [by another user]

I've been working slowly but surely on a BBS program during my free time
over the last few years.  The posting method that was used for a long time
was done using an installed program.  However, after a while I found this
burdensome since I did not have access to the program that actually did
the  program.  So, I went about writing a program to allow posting via
other means. 

   What I wanted was this; the ability for a user to make an addition to
the file in my account, be able to log that that post was made along with
a time stamp etc, and then leave the posting user only with read priveledges
on the file.  I've created a program (on paper) that does such a thing. 
I have actually created, and had beta-tested a program that allows certain
users to be "sysops" of particular boards, while leaving them with no 
special priveledges to my account after they are done sysoping. 

   I did this via network logins, aka "edit/password...etc..."
My main worry in allowing such a program to be run by someone else
was that they would be able to get my password from the program,
since it is hardcoded into the program.  However, after one failure
and several attempts after this failure to break it, several so called
"accomplished" hackers here were unable to break it. 
  
   Is this the sort of beast you were looking for?  If so, please let me
know!  I'll give you all the info and code I have!

     - Rad (Geoffrey A. Cashman)

AT&T  : (716) 836-9694
Snail : 361 LaSalle street  Buffalo, NY 14215
BITnet: MASRAD@UBVMS (or ubvms(a,b,c, or d))
        MASDEV1@UBVM