Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Posting-Version: version B 2.10.2 9/18/84 exptools; site ihuxw.UUCP
Path: utzoo!watmath!clyde!burl!ulysses!mhuxr!mhuxt!houxm!ihnp4!ihuxw!bamford
From: bamford@ihuxw.UUCP (Harold Bamford)
Newsgroups: net.micro.pc
Subject: Re: MS-DOS cd command and security issues
Message-ID: <1103@ihuxw.UUCP>
Date: Mon, 17-Jun-85 14:24:45 EDT
Article-I.D.: ihuxw.1103
Posted: Mon Jun 17 14:24:45 1985
Date-Received: Tue, 18-Jun-85 08:02:41 EDT
References: <2160@mhuxd.UUCP> <25@ucbmiro.ARPA> <1478@ecsvax.UUCP>
Organization: AT&T Bell Laboratories
Lines: 28

Concerning making a secure "login" by changing the shell...

> Solutions:
> 1) ... to catch INT 21H and stop all CHDIR requests at the PCDOS level.
> 2) ... Also trap all ERASE, CREATE, and OPEN (for write) requests.
> 3) Perfect, but perhaps impossible.  Make the shell unbreakable.
> This would require use of trapping Ctrl-Break, error interrupts,
> divide-by-0 and overflow interrupts, and ANY OTHER abnormal termination
> calls.  Shouldn't be a problem trapping normal exits.
> 
> 				Alan Bishop
> 			     ...!{decvax,akgua}!mcnc!ecsvax!bishop

Adding resident programs to trap unauthorized activities is fine, but be
sure that a new shell cannot be executed which would not have those
resident programs.  That is, saying, "command" should not result in
executing the standard commmand.com.  This implies changing command.com,
or removing it from the path.  If it is merely removed from the PATH, then
the PATH variable should not be changable.

Making MS-DOS secure is not easy in either concept or application.
-- 

				Harold Bamford
				AT&T Bell Labs
				Naperville, Ill
				(cornet) 8-367-5744
				(312) 979-5744	(work)