NAME
    turnin - Happy Turnin Fun Time

SYNOPSIS
    turnin [ -a assignment ] [ -s section ] [ files ... ]

DESCRIPTION
    The turnin system facilitates the submission of assignments on a UNIX
    system in an intuitive and secure manner. The system is easily
    customizable and uses a setuid script to submit the files.

ARCHITECTURE
    The main component of the turnin system is the turnin script. This
    script is invoked by the student to start the turnin process.

    The turnin script reads the turnin.conf file and performs checks to make
    sure the assignment exists, turnin is allowed, and so on. After that, it
    creates a tar pipe to the setuid turnin_helper script.

    turnin_helper completes the submission process. It runs as an instructor
    or teaching assistant. After reading the turnin.conf file, it re-checks
    whether the assignment exists and whether turnin is allowed. If
    everything is in order, it recieves the submitted files from the tar
    pipe, and places them in the submission directory as specified in the
    turnin.conf file. It then sends a recipt by email to the student.

INSTALLATION
    *   Untar the distribution archive and set the permissions such that all
        files in the distribution archive are readable by the users who may
        run the script. Files marked executable in the archive (turnin and
        turnin_helper.real) should remain executable. The assignments
        directory should be readable only by those who should be able to
        read submitted assignments.

    *   Edit the turnin and turnin_helper.real scripts to specify the
        correct path to the turnin_routines.ph file. A full path must be
        used.

            "require "/full/path/to/turnin_routines.ph";"

    *   Edit turnin_routines.ph to set $CONF to point to the location if the
        turnin.conf file. A full path must be used.

            "my $CONF = "/full/path/to/turnin.conf";"

    *   The turnin_helper.real script must run as the user who owns the
        assignments directory. If any assignments must be accessible to
        members of a group, the turnin_helper.real script must run as the
        appropriate group.

        If you are using suidperl, you can rename turnin_helper.real to
        turnin_helper, and set it setuid and setgid:

            "chmod ug+s turnin_helper"

        If not, compile turnin_helper.c as follows:

            "gcc -DREAL_FILE=\"/full/path/to/turnin_helper.real\"
            -oturnin_helper turnin_helper.c"

        and set turnin_helper setuid and setgid, as above.

    *   Edit the turnin.conf file to reflect the state of your system and
        the assignments that are to be submitted. Refer to the comments in
        the header of that file.

SECURITY
    The turnin system was designed with security in mind. Submissions are
    passed from the student to the professor through a pipe from an
    unprivileged tar -c running as the student to a privileged tar -x
    running as the professor. At no point is the student given direct access
    to the professor's files, and at no point need the student's files give
    read permission to any other user or group. Professors don't have to
    worry about students manually copying submissions into the submitted
    assignment hierarchy after the due date has expired, and students don't
    have to give anyone (especially spying classmates) read access to their
    files in order to turn them in.

    Assignments turned in after the soft (DUE) deadline will be prominently
    marked LATE, and after the hard (CLOSE) deadline, submissions will not
    be accepted. The privileged component of SASS double-checks all
    information given to it from the unprivileged user to make sure that a
    user running it directly, instead of through the unprivileged script,
    isn't able to trick it into accepting late or otherwise erroneous
    submissions.

    All perl components of SASS were written and tested with warnings, taint
    checking, and strict mode on. GNU tar 1.13.16 or better is required to
    pervent exploits by maliciously-designed tar files attempting to use
    ".." in file paths to overwrite the instructor's files (such as the
    turnin script itself or files in earlier submissions).

SUBMISSION FORMAT
    Submissions made by the turnin system are copied to the directory
    secified in the "PATH base" directive in turnin.conf. The directory
    structure within the base directory looks like this:

        "assignmentName"/"sectionName"/"userName"/"YYYY-MM-DD_HH:MM:SS"/

    "sectionName" is only included if the assignment has sections. Late
    submissions have the string "-LATE" appended to the date.

AUTHORS
    The turnin system was written by Sam Hathaway
    <hathaway@cs.rochester.edu> and Dennis Lambe <dlambe@cs.rochester.edu>.

COPYING
     Happy Turnin Fun Time version 2.0
     Copyright (C) 2003 Sam Hathaway and Dennis Lambe

     This program is free software; you can redistribute it and/or modify it
     under the terms of version 2 of the GNU General Public License as
     published by the Free Software Foundation.

     This program is distributed in the hope that it will be useful, but
     WITHOUT ANY WARRANTY; without even the implied warranty of
     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
     General Public License for more details.

     You should have received a copy of the GNU General Public License along
     with this program; if not, write to the Free Software Foundation, Inc.,
     59 Temple Place, Suite 330, Boston, MA 02111-1307 USA