Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP Posting-Version: version B 2.10.1 6/24/83; site ecsvax.UUCP Path: utzoo!watmath!clyde!bonnie!akgua!whuxlm!harpo!decvax!mcnc!ecsvax!bishop From: bishop@ecsvax.UUCP (Alan Bishop) Newsgroups: net.micro.pc Subject: Re: MS-DOS cd command (SOMEWHAT LONG - 63 lines) Message-ID: <1478@ecsvax.UUCP> Date: Sat, 15-Jun-85 00:52:26 EDT Article-I.D.: ecsvax.1478 Posted: Sat Jun 15 00:52:26 1985 Date-Received: Mon, 17-Jun-85 03:58:39 EDT References: <2160@mhuxd.UUCP> <25@ucbmiro.ARPA> Reply-To: bishop@ecsvax.UUCP (Alan Bishop) Organization: Student at NC School of Sci and Math Lines: 55 Summary: I've already sent a letter to the original poster, so this is for anyone whose followed the discussion and thinks they can get a "secure" command.com with ease. Many people have suggested making a "secure" COMMAND.COM by simply blanking out CD and CHDIR in COMMAND.COM. THIS WILL NOT WORK. Because the commands CD and CHDIR no longer work, this will not restrict the user ONE BIT if he escapes from the shell that the user is supposed to be in. He will still be able to execute any command he wishes and include paths in any command. For example: 1) DIR \ 2) DIR \DEVELOP 3) ERASE \DEVELOP\*.* 4) FORMAT C: (assuming format is on the disk) WILL ALL STILL WORK. Even though CD will no longer work, if there is a copy of BASIC, Crosstalk, Kermit, Debug, or any other recent programs he will be able to CHDIR by going into those programs and doing it from there (debug would take a bit more work, but not much) Enough of the problem. Solutions: 1) Partial solution, would help some. Add a small, resident program to catch INT 21H and stop all CHDIR requests at the PCDOS level. This protects from #1 and #2 above, because DOS (at least PCDOS 2.1) does a CHDIR to the directory before actually displaying it. #3 and #4 would still be available, but this would stop everyone except those who just wanted to get rid of lots of stuff at once without knowing what they were getting rid of. 2) Closer. Also trap all ERASE, CREATE, and OPEN (for write) requests. However, the more you take away, the less the programs he wants to be demoed can do also. 3) Perfect, but perhaps impossible. Make the shell unbreakable. This would require use of trapping Ctrl-Break, error interrupts, divide-by-0 and overflow interrupts, and ANY OTHER abnormal termination calls. Shouldn't be a problem trapping normal exits. If anyone wants them, I have code to do solutions #1 and #2. I'm working on a resident program so that a PC can be left open on a COM line with input and output redirected to COM and have no security problems (or at least VERY few). Its not finished yet, but the part that traps #1 and #2 is done. Hope this helps someone. -- Alan Bishop ...!{decvax,akgua}!mcnc!ecsvax!bishop