How to set up a Telnet entry to WWW

A telnet server

A public telnet server allows anyone to telnet to you and run a WWW client program to get at data. We run one on info.cern.ch.

We assume here you know what you are doing and so here are a few points to remember in outline only.

Skipping the shell

The special /bin/login program is like login but if the guy has not telnetted in with a command line user name which matches one on the host, he is thrown into www directly without using a shell or collecting $200. This means that if he find some way to crash www, he is bound to exit rather than accidentally get a shell.

The login_www program which replaces login passes a -h ip.ip.ip.ip option to www which tells www where the call is coming from (www logs all transactions and also login_www logs the session for safety).

This makes the machine difficult to acces for normal purposes especially if rlogin is disabled for security reasons too. Only some machines (Ultrix, NeXT, ...) support telnet -l username which is necessary to get in.

Changes in browser behaviour

When www gets the -h option it behaves differently, mainly for secuity. (The HTSecure flag is set within the library).

Home page

When www is used with the -h option, the home page is set by the WWW_HOME environment variable as usual. If you are using the special ligin program, then there is no shell script in which to set this. The browser therefore checks, is WWW_HOME is not set, for a file /etc/www-remote.url. If that file exits, it reads from it the URL of the home page. Note that the home page cannot be a local file, as local file access is turned off for security reasons. It must be a document availableon the network, from your own or someone else's server.

Tim BL