Xref: utzoo comp.sys.ibm.pc.misc:5013 comp.sys.novell:204
Path: utzoo!utgpu!news-server.csri.toronto.edu!rutgers!att!tut.cis.ohio-state.edu!snorkelwacker.mit.edu!bloom-beacon!eru!hagbard!sunic!mcsun!ukc!axion!tharr!sweh
From: sweh@tharr.UUCP (Stephen Harris)
Newsgroups: comp.sys.ibm.pc.misc,comp.sys.novell
Subject: Re: shelling to Dos
Message-ID: <1540@tharr.UUCP>
Date: 26 Dec 90 11:47:26 GMT
References: <1990Dec24.012958.9228@magnus.ircc.ohio-state.edu> <1990Dec25.233917.15240@mstr.hgc.edu> <ABRAMS.90Dec25210447@division.cs.columbia.edu>
Reply-To: sweh@tharr.UUCP (Stephen Harris)
Followup-To: comp.sys.ibm.pc
Organization: Power Microsystems Ltd
Lines: 48

In article <ABRAMS.90Dec25210447@division.cs.columbia.edu> abrams@cs.columbia.edu (Steven Abrams) writes:
!In article <1990Dec25.233917.15240@mstr.hgc.edu> craig@sa2.hgc.edu
!(craig chaiken) writes: 
!>The following is a list of ways to prevent an application from shelling out to
!>DOS:
!
!>1)	Rename COMMAND.COM just prior to executing the application, and restore
!>	it upon exit from the application.  (Dangerous if the machine crashes
!>	while COMMAND.COM is renamed).
!
!This may be the best bet;  even better, is to permanently rename
!COMMAND.COM to something else and use the SHELL= in config.sys to
!allow the system to boot with the "other" COMMAND.COM.  To be doubly
!safe, reset COMSPEC environment variable to some nonexistent program
!before running the application to prevent it from checking the env.
!for the location of COMMAND.COM.  The downside of this approach is
!that if, when the application exits, it has used enough RAM to walk on
!the transient portion of COMMAND.COM, when DOS checks the environment
!to find out where to load COMMAND.COM, it will fail with "Please
!insert disk with COMMAND.COM in Drive C: and press any key..." or
!something dumb like this.    
!

What I would possibly do is have COMMAND.COM in my c:\DOS directory and have
SHELL=...statement in my config.sys file, and then write a small C program
which resets COMSPEC to either a non-existent file (so shell fails) or to
a specific program which prints "No shell allowed".  Then the C program can
call the original program (by SPAWN, not EXEC) and finally restore COMSPEC
back to its original.  This will take up some extra memory (maybe 4k!) an
also not suffer from worrying whether transient portion of memory gets
overwritten.

!>4)	Write a TSR to capture the INT 21H EXEC function (AH=4BH).  Ignor any
!>	requests to run COMMAND.COM, and execute all other requests. (Actually,
!>	not that hard to program, but certainly not for beginners).
!
!I think this is the best option of all, but, as you said, not for the
!fainthearted.  

Too complicated - it *would* work but is surely unnecessary.


-- 
    			     Stephen Harris
Disclaimer: me have an opinion?     | Email: ..!ukc!axion!tharr!sweh
            What an idea!	    |        sweh%tharr.uucp@uk.co.bt.axion
Wanted: humour transplant           |        tharr!sweh@uk.ac.ukc 
     <-- tharr *free* public access to Usenet in the UK 0234 261804 -->