Path: utzoo!attcan!utgpu!jarvis.csri.toronto.edu!mailrus!ames!dftsrv!mimsy!tove.umd.edu!folta
From: folta@tove.umd.edu (Wayne Folta)
Newsgroups: comp.sys.mac
Subject: Re: I'm not sure I believe this. (was Re: New WDEF Virus)
Message-ID: <21241@mimsy.umd.edu>
Date: 12 Dec 89 21:08:13 GMT
References: <1989Dec12.044029.19171@eng.umd.edu> <3277@hub.UUCP> <1501@rodan.acs.syr.edu> <4221@sbcs.sunysb.edu> <4227@sbcs.sunysb.edu>
Sender: news@mimsy.umd.edu
Reply-To: folta@tove.umd.edu (Wayne Folta)
Distribution: usa
Organization: U of Maryland, Dept. of Computer Science, Coll. Pk., MD 20742
Lines: 20

>I have a question.  Does GateKeeper only intercept calls to resource
>modifications of code-containing resources, or all resources?  If GateKeeper
>only traps code-containing resource modifications, then why is it necessary
>to give the Finder Res/Other privilidges?  I was under the impression that
>GateKeeper traps all resource modifications, hence the necessity for Res/
>Other privilidges for the Finder.
>
>Unfortunately, I don't think the documentation gives any indication about
>(a) whether it traps all resources, or (b) if not all, then the ones that
>it does trap.

I believe GateKeeper Documentation does state what it traps.  Looking at
GateKeeper's Type resource #1, I see: CODE, INIT, DRVR, cdev, RDEV, FKEY,
FMTR, LDEF, MBDF, MDEF, MMAP, ADBS, CACH, CDEF, atpl, NBPC, PACK, PDEF,
PTCH, SERD, WDEF, mppc, snth, CUST, XCMD, XFCN.  This is documented at the
end of the on-line help.  So... GateKeeper thinks that it does trap WDEF.
--


Wayne Folta          (folta@cs.umd.edu  128.8.128.8)