Path: utzoo!attcan!uunet!cs.utexas.edu!sdd.hp.com!samsung!noose.ecn.purdue.edu!iuvax!ux1.cso.uiuc.edu!midway!ellis.uchicago.edu!dwal
From: dwal@ellis.uchicago.edu (David Walton)
Newsgroups: comp.sys.mac.misc
Subject: Re: Resedit and FileGuard
Message-ID: <1990Aug3.163157.28701@midway.uchicago.edu>
Date: 3 Aug 90 16:31:57 GMT
References: <1938@ux.acs.umn.edu> <1990Aug2.164635.6825@midway.uchicago.edu> <1941@ux.acs.umn.edu>
Sender: news@midway.uchicago.edu (News Administrator)
Organization: U. Chicago Computing Organizations, Academic and Public Comp.
Lines: 77

In article <1941@ux.acs.umn.edu> clarson@ux.acs.umn.edu (Chaz Larson) writes:
>In article <1990Aug2.164635.6825@midway.uchicago.edu> dwal@ellis.uchicago.edu (David Walton) writes:
>>I don't think he actually said that ResEdit was available on the
>>machines (although I don't have the original message anymore, so I
>>could be wrong).  In any case, lots of people have ResEdit who haven't
>>bought it, aren't programmers, and for the most part don't really know
>>what it's used for; they do know how to use it to do things like muck
>>around with the Finder information.  Just because it's not publicly
>>available at this guy's site with a sign saying "Copy me" doesn't mean
>>that people can't get copies of it.  And, as you said, folks who do
>>know how to use it can then use it to gut _any_ software on any
>>Macintosh they please.
>
>That's true, but do you [or more accurately, does he] want to mess around
>trying to secure his machine[s] from what could be the most powerful tool
>avaiable for the mac? From what I've read, FileGuard, along with many other
>products, can be very effective in deterring some attempts to mess with the
>machine, but none can really stand up to malicious attempts to circumvent
>them.
>
>t seems to me that the users of a public computing facility can be loosely
>split into two groups:
>
>	1. Clueless people.
>
>	   These folks just want to come in, use SuperPaint, and leave.
>  	   They're not interested in how the machine works; only that it
> 	   does.  If they were to destroy something with ResEdit, they
>	   would do so because they launched ResEdit to see what it did,
>	   and got in over their heads.  These folks don't bring ResEdit
>	   in with them; one can avoid problems by making sure that
>	   tools like ResEdit are not avaiable to them in the facility.
>
>	2. Computer-literate people.
>
> 	   These folks know how the machine works, and have outside access
>	   to tools and such.  They will very often carry things like
>	   ResEdit around with them.  In my experience, trying to make a
>	   public facility immune to them is a losing proposition.
>
><chaz>
>                              - Flaming Carrot      
>clarson@ux.acs.umn.edu                                 AOL:Crowbone

I agree with all of your statements, but I guess I don't see your
point.  Yes, it's generally possible to secure a computer system
against folks who aren't real computer-literate (which is
operationally defined as folks who don't know enough to break
security, which is therefore a truism).  No, it's generally not
possible to secure a machine against the people who are somewhat
computer-literate (again, operationally defined as those folks who do
know enough to break security).  The question, then, is how many
people are in the former vs. the latter group, i.e., how many people
will be deterred from mucking up the machine by the security
mechanisms?  The answer: probably enough to make it worthwhile.

Any experienced user, however, can generally break security without
ResEdit: the easiest tool to use is a System disk.  Boot the machine
with a floppy, and viola, all of the protective INITs and cDEVs don't
do anything.  ResEdit helps, of course, for doing things like making
the System Folder visible when necessary, but it's certainly not
essential.

Anyway, your point (I think) in your previous post was to ask why
ResEdit was available on a (supposedly) secure machine.  My response
was that in fact the original poster didn't say it _was_, but it
probably wouldn't matter anyway, because it's so easy to get a copy of
it.  Finally, protecting FileGaurd wouldn't do that much good, because
a boot disk with ResEdit could bypass FileGaurd (by not installing it
at boot time), and with ResEdit the user could cause as much mischief
as his/her little heart desires.

--

David Walton		Internet: dwal@midway.uchicago.edu
University of Chicago   {  Any opinions found herein are mine, not  }
Computing Organizations {  those of my employers (or anybody else). }