Path: utzoo!utgpu!watserv1!watmath!att!rutgers!ucsd!helios.ee.lbl.gov!lbl.gov!jnmoyne
From: jnmoyne@lbl.gov (Jean-Noel MOYNE)
Newsgroups: comp.sys.amiga
Subject: Re: Security on AUX: remote shells
Message-ID: <6181@helios.ee.lbl.gov>
Date: 14 Jul 90 00:09:18 GMT
References: <1858@ns-mx.uiowa.edu>
Sender: usenet@helios.ee.lbl.gov
Distribution: na
Organization: Lawrence Berkeley Laboratory
Lines: 57
X-Local-Date: 13 Jul 90 17:09:18 PDT

Oh, men you're going into deep yogurt !! (-:

Doing a classic login/password on AUX: to give access to a SHELL is really easy. But just after, if you're still aware of security ....

The problem is that AmigaDOS is a good multitasking OS, but definitely a single-user OS !!! There is absolutely nothing like security in AmigaDOS. The problem is not the Handler, AUX: is fine and all right, the problem is the SHELL and the DOS.

First of all it's very easy to make a requester pop up by a CLI command, and once the requester is here you can say goodbye to your SHELL, to your user, and to your tty (and it's really hard for you, since you only have one tty !!!). I mean: just type "cd XISIIDKLSKLM:" on your remote shell and if you don't have the volume XISIIDKLSKLM mounted .. your server is out. (try to click cancel or to send left-amiga-v from a terminal) (-:

But that's easy to fix, just set the pr_Window pointer to -1L in your process struct (just do a FindTask(0L) to find the struct), and every system requester will be canceled automatically. (you can use a DP prog called KillReq for that or just program 4 lines of C)

Of course, it doesn't prevent programs from opening a Window .. and waiting for input from this Window. The cure: (yeah, call Rambo now ! (-: ) Patch OpenWindow with a big strike of SetFunction between the eyes, so that it returns NULL each time. And pray for the programs to be well written and not be too confused by the fact that they couldn't open the window.

So, now you have a shell which is not too easy to mess up.

Then you go back to the security. You might want to have protected directories or files (which comes back to: having users and file protection). How to do that ? The first solution you see is: make my own shell (like c-shell and all the others), maybe start from the source of a DP shell, and customize it for my needs, and of course make people use this shell only (easy).

You have a lot of work on this one, and you might still be able to do something valuable, for example using some of the unused space in the FileInfo struct (such as a part of the name, which is 103 bytes long if I remember right), or you can use the comment field to put your stuff (and not let the users have access to a command that modifies or lists the comment (like list)).

But if there is an upload facility, or a programming facility (C compiler or other) in your system .. then you're not sure .. because with a modified SHELL, you can control the user, but not the programs he is using, and the programs have the same power to access every single file in the system (except if the file is locked, which is not a solution).

No, the only valuable solution is: re-do AmigaDOS, so that it is multi-user !!! Not kidding, that's the best way !! But let Commodore do that for us ... By the way wouldn't it be a nice idea Mr Commodore ?? Your system is so nicely multitasking that you can let it become multi-user just by typing "newshell aux:" ... it has gone too fast for the old Tripos project ..

JNM
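
The requester fix described in the post above, written out as an added example (not code from the original post or from KillReq). The field is named pr_WindowPtr in the AmigaOS headers; the function names and the host-side stand-in definitions are assumptions made here so the logic can also be compiled off-Amiga.

```c
/* Added example: make DOS fail calls instead of opening a requester. */
#if defined(__amigaos__) || defined(AMIGA)
#include <exec/types.h>
#include <dos/dosextens.h>
#include <proto/exec.h>
#else
/* Host build only: minimal stand-ins (constructed, not the real headers). */
#include <stddef.h>
typedef void *APTR;
struct Task { int tc_unused; };
struct Process { struct Task pr_Task; APTR pr_WindowPtr; };
static struct Process host_process;          /* pretend "current process" */
static struct Task *FindTask(const char *name)
{
    (void)name;                               /* NULL means "this task" */
    return &host_process.pr_Task;
}
#endif

/* The caller must be a DOS Process (a CLI command is), not a bare Task. */
static struct Process *this_process(void)
{
    return (struct Process *)FindTask(NULL);
}

/* Set pr_WindowPtr to -1 and return the old value for later restore. */
APTR suppress_requesters(void)
{
    struct Process *proc = this_process();
    APTR old = proc->pr_WindowPtr;
    proc->pr_WindowPtr = (APTR)-1L;           /* -1: no requesters for this process */
    return old;
}

/* Put back whatever was there before (hypothetical helper name). */
void restore_requesters(APTR old)
{
    this_process()->pr_WindowPtr = old;
}

int requesters_suppressed(void)
{
    return this_process()->pr_WindowPtr == (APTR)-1L;
}

int main(void)
{
    APTR old = suppress_requesters();
    /* ... serve the remote session here: "cd" to an unmounted volume
       now returns an error instead of blocking on a requester ... */
    restore_requesters(old);
    return 0;
}
```

This only covers system requesters raised on behalf of the process; as the post says, a program that opens its own window is not affected by it.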