Public Lynx Restrictions

[ALOFFT at pika.nypl.toronto.on.ca]

Please excuse a newcomer to the list if this question has appeared before.

Here at North York Public Library in Toronto, we are planning public Web
access using Lynx in the near future (alas, we don't have the hardware or
bandwidth to offer Netscape). It will be available on about 200 OPACs
using a 56k connection.

In configuring the capabilities of Lynx, we need to determine what restric-
tions to place on the anonymous public users. Is using the -anonymous option
in its default mode the best way to do it? This would disable telnet, ftp,
rlogin, news posting, jump, mail, and G)oto. Or is it feasible from a
technical and security point of view to enable G)oto for URLs, but disallow
selected URLs (e.g. allow http:// and gopher:// but disallow telnet://
and ftp://, etc.). Our OPAC terminals are dumb with no hard disks, so
we obviously would not want ftp or downloading.

Finally, is it common to place different restrictions on anonymous users
from within and outside one's domain, and if so, what differences should
be imposed?

Please reply to the list for everyone's benefit, or directly to me if
you prefer. Thanks in advance,

Andrew Lofft, Senior Librarian
North York Public Library

Andrew Lofft			alofft at pika.nypl.toronto.on.ca
Information Network Office	(416) 395-5581

"Views expressed are those of the author and do not necessarily reflect
the position of the North York Public Library."