AD> I thought of the key trick, but decided against it.
AD> Entering some, say, door game with SysOp access could
AD> allow a player to muck about with text files on a drive
AD> -- from there, they could probably have a key turned on
AD> for them at a menu or something without too much trouble.
if you're running door games that let you access dos, at ANY level, you've
got problems, no offence =)
That still has nothing to do with having keys to protect the more secure
things, os shell, user ed, etc. having the keys just provides an extra level
of security in case they DO somehow get sysop access.
AD> (I'm a CoSys on a local Telegard board -- to prove a
AD> point, I created a filebase that pointed to his C:\
AD> directory. He thought that I couldn't get out of the TG
AD> subtree, and -he- had read the docs; I just used
AD> guesswork. If he missed a trick, no reason I couldn't.
AD> Safer just to purge the whole shebang...)
huh?? You created a filebase without him knowing, or you had access to do so
so you created one to access the c:\ dir?
AD> I'm pursuing the idea that even if -my- password is
AD> compromised, it doesn't matter.
you want it so someone can get into your account and still do nothing?
some extra security for me is that i'm usually logged in local 24 hrs a day
(gave myself a 65000 minute time limit, very handy .. almost never have to
log off ;) )
AD> There's a local low-level war going on -- nothing big; just keyboard
AD> capture programs, command stack peeking...
So? how's that going to affect your system? the only way for someone to run a
keyboard capture program is to actually load it on your system (run the
exe).. then there's still the problem of getting the info back off. If you go
and run the program, then that's your fault. there's no way for someone from
remote to start a keyboard capture program on your local console. they can
run it, but it will only be in effect for that window (if you're
multitasking).
AD> Once I get this system running, I don't really intend to -use- it
AD> myself -- I can handle new-user apps from GoldEd -- may
AD> even make some macros for validation...
what? you'll use golded to write/read messages? what's that about the macros
tho.. that doesn't really make sense. golded is an external editor or a local
editor.
AD> I might even delete my SysOp account from
AD> the Max user files -- nah, that'd be going too far.
Then all someone has to do is create an account using your sysop name you
have defined in max.ctl, and they'll get all your mail ;) good idea.
ttyl, greg
--- Maximus/2 3.01
---------------
* Origin: * Chaos BBS * 6i3.389.O8i6 * Kingston, ON! (1:249/174)