Path: utzoo!utgpu!news-server.csri.toronto.edu!mailrus!wuarchive!cs.utexas.edu!swrinde!ucsd!ucbvax!hplabs!hpcc01!hpbbn!hpwad!ffritze
From: ffritze@hpwad.HP.COM (#Fromut Fritze)
Newsgroups: comp.lang.pascal
Subject: Re: Writing an alternate shell (COMMAND.COM)?
Message-ID: <2290007@hpwad.HP.COM>
Date: 30 Aug 90 15:35:52 GMT
References: <950037@hpclapd.HP.COM>
Organization: Hewlett-Packard Waldbronn, Germany
Lines: 43

>I am trying  to secure  DOS  from unwitting and unknowing   users so as  to
>provide a  more secure environment.   I have implemented  a  menu system to
>keep them out of DOS but many third party packages  allow an easy door into
>DOS.  Indeed so does the Turbo  Pascal  system itself.   I want to restrict
>this so that if they try to access  DOS via one of  these "trap doors" they
>will instead be dropped into my command interpreter that  will only provide
>them with minimal functionality if any at all.  I have tried something like
>the following:
>
>set comspec=nodos          <-- simple .bat file that says "No way" and exits.
>123                        <-- Lotus 123
>set comspec=c:command.com  <-- back to DOS
>
>But upon exiting Lotus 123 the system dies saying "Can't  find COMMAND.COM,
>system halted".  I think if I can write and alternate command interpreter I
>can avoid this  problem as long as I  provide the  proper structure so that
>DOS is happy but I'm not sure how to do it.

try setting comspec to run a batch correctly:

  set comspec=command.com /c nodos

As most programs use the environment variable comspec to locate command.com 
they add a /c and follow this by their users command (e.g. dir). Although I'm
not sure, what the still underlaying command.com, that executes your lotus 
batch, thinks about switching comspec. It should work ok as each prog gets
a new copy of the environment (call by value rather than by reference).

>Also, there seems to be  a market  for a good  alternate shell type program
>for DOS  that could provide  *a  lot*  more functionality  then COMMAND.COM
>(i.e. if I could write an alternate shell to restrict functionality then it
>should   be  possible   to  write  and  alternate     shell  that  enhances
>functionality).

Look at Mortice Kern Sytem's powerfull UNIX lookalike called MKS Toolkit.

------------------------------------------------------------------------------
internet: ffritze@hpwadrd.hp.com
hpdesk:   Fromut FRITZE / HPB400 / R1
phone:    Germany 7243 602296
address:  Fromut FRITZE, Waldbronn Analytic Division,
	  Hewlett Packard Str. 1, D 7517 Waldbronn, West Germany
------------------------------------------------------------------------------