Path: utzoo!utgpu!jarvis.csri.toronto.edu!mailrus!tut.cis.ohio-state.edu!cs.utexas.edu!ut-emx!chrisj From: chrisj@ut-emx.UUCP (Chris Johnson) Newsgroups: comp.sys.mac Subject: Re: GateKeeper configurations - what do various programs need? Message-ID: <12273@ut-emx.UUCP> Date: 21 Apr 89 05:28:27 GMT References: <13030@dartvax.Dartmouth.EDU> <28959@apple.Apple.COM> <523@sys.uea.ac.uk> <436@nyevax.CAS.ORST.EDU> Reply-To: chrisj@emx.UUCP (Chris Johnson) Organization: U.T. Austin Computation Center Lines: 55 In article <436@nyevax.CAS.ORST.EDU> johnsot@mist.CS.ORST.EDU (Tim G. Johnson) writes: >This brings a problem I noticed at our site. I've been in charge of setting >up GateKeeper on the system disks of two of OSU's computer labs. It would be >nice if GateKeeper looked at the Creater and Type of the files with permissions >instead of the name of the application. That way different versions if the >same application could have the same permissions without having an entry for >each different file name. Is this possible, or has it been avoided for some >good reason? It would be nice to see something like "APPL PJMM (THINK Pascal)" >in the name box (the file name just shows what program it is, but is not >checked when the program is run). > >I never used version 1.0, so maybe that is the way it was then, and got changed >because of a very good reason. Anyway, does it seem like a possibility? Sure >would make life simpler when configuring for several different systems (with >different Application names on them (I can't tell the faculty to change the >names of their applications, they are kinda picky about THEIR machines)). > >-Tim G. Johnson >-johnsot@mist.CS.ORST.EDU Tim (and everyone else who has justifiably wondered the same thing), There is a good reason (after a fashion, anyway) that GateKeeper only checks file names and not file types and creators. Basically, it was a line drawing problem, i.e. I had, when I initially created GK, a long list of features to be added to the product (the list is still long, and people keep adding good suggestions to it) and it was very clear to me that if I waited long enough to implement even a reasonable percentage of these remaining items on the wish list that GateKeeper wouldn't be ready for another year or more and, as a result, it would be a long time before it did anyone any good. Since it had already demonstrated what I felt was an admirable ability to stop viruses I thought it had a valid place in the world and should be released - and so it was and is. Needless to say, the file type/creator checking was one of those items waiting on my wish list. You may be relieved to know that even as 1.1.1 is in testing and the last few changes are being made, version 1.2 is already well on its way to becoming a reality. The primary difference between 1.1.1 and 1.2 is, thus far, in the security system which has been almost totally rewritten and extended beyond all recognition (more from my standpoint than a user's - GK will still *appear* much the same). Already present in the new security system is the change to primary reliance on a file's type and creator instead of its file name. Checking for matching file names has been reduced to the status of a mere additional option. [Thus, version 1.2, as it stands, will be more of an epistemological update than anything else.] It'll be a while before version 1.2 is even ready for testing, so please bear with me, but I'll certainly be the first to agree that GateKeeper needs to leave behind its dependance on file names.... And it will. Thanks for the feedback, ----Chris (Johnson) ----Author of GateKeeper ----chrisj@emx.utexas.edu