Quick notes on how gboard works, with regard to permissions.

There are a few security issues to keep in mind with gboard.

The BBS database is in /var/bbs and is only writable by members of the group
`bbs`, which consists of only a single use named `bbs`.  Thus, the `gboard`
executable everybody runs must either have user or group `bbs` and be setuid
or setgid respectively.

Also, users should not be able to impersonate one another, and must be
forced to post under their real username.

Thus, there is a small C wrapper (gboard.c) around the PHP gboard application
(gboard.php).  That wrapper uses getpwuid to get the invoking user's
username, and passes it as an argument to the PHP script.  The binary that
results from compiling the wrapper must be setuid or setguid to the `bbs`
user or group, and this is what /usr/local/bin/gboard should link to.

Because the gboard.php script is world-readable, any user can run it
directly, and can pass it any username they like, bypassing the wrapper
script.  However, the resulting PHP process will then be running as that
user, and so will not have write access to /var/bbs.  Therefore it will not
be possible to make any posts under the assumed identity.

Basically, as long as the C wrapper is the *only* setuid/setguid binary on
the system that lets users run as part of the `bbs` group, and as long as
the C wrapper securely passes *only* the invoking user's true username to
the gboard script, then it should be impossible to impersonate other users.