defaria@hpclapd.HP.COM (Andy DeFaria) (08/20/90)
How can one write an alternate command interpreter for DOS using TP? I need to write a very limited and restricted "COMMAND.COM" that has enough of the characteristics of COMMAND.COM that it would not crash the machine if it is used as the SHELL. I know very little about what is actually required for this. I know that COMMAND.COM has a tranisent (sp?) portion and an resident portion and I'm pretty sure that I need the same stuff but I don't know how to do it in TP. I would appreciate the help. A little background: I am trying to secure DOS from unwitting and unknowing users so as to provide a more secure environment. I have implemented a menu system to keep them out of DOS but many third party packages allow an easy door into DOS. Indeed so does the Turbo Pascal system itself. I want to restrict this so that if they try to access DOS via one of these "trap doors" they will instead be dropped into my command interpreter that will only provide them with minimal functionality if any at all. I have tried something like the following: set comspec=nodos <-- simple .bat file that says "No way" and exits. 123 <-- Lotus 123 set comspec=c:command.com <-- back to DOS But upon exiting Lotus 123 the system dies saying "Can't find COMMAND.COM, system halted". I think if I can write and alternate command interpreter I can avoid this problem as long as I provide the proper structure so that DOS is happy but I'm not sure how to do it. Also, there seems to be a market for a good alternate shell type program for DOS that could provide *a lot* more functionality then COMMAND.COM (i.e. if I could write an alternate shell to restrict functionality then it should be possible to write and alternate shell that enhances functionality). Thanks in advance for your help.
ffritze@hpwad.HP.COM (#Fromut Fritze) (08/30/90)
>I am trying to secure DOS from unwitting and unknowing users so as to >provide a more secure environment. I have implemented a menu system to >keep them out of DOS but many third party packages allow an easy door into >DOS. Indeed so does the Turbo Pascal system itself. I want to restrict >this so that if they try to access DOS via one of these "trap doors" they >will instead be dropped into my command interpreter that will only provide >them with minimal functionality if any at all. I have tried something like >the following: > >set comspec=nodos <-- simple .bat file that says "No way" and exits. >123 <-- Lotus 123 >set comspec=c:command.com <-- back to DOS > >But upon exiting Lotus 123 the system dies saying "Can't find COMMAND.COM, >system halted". I think if I can write and alternate command interpreter I >can avoid this problem as long as I provide the proper structure so that >DOS is happy but I'm not sure how to do it. try setting comspec to run a batch correctly: set comspec=command.com /c nodos As most programs use the environment variable comspec to locate command.com they add a /c and follow this by their users command (e.g. dir). Although I'm not sure, what the still underlaying command.com, that executes your lotus batch, thinks about switching comspec. It should work ok as each prog gets a new copy of the environment (call by value rather than by reference). >Also, there seems to be a market for a good alternate shell type program >for DOS that could provide *a lot* more functionality then COMMAND.COM >(i.e. if I could write an alternate shell to restrict functionality then it >should be possible to write and alternate shell that enhances >functionality). Look at Mortice Kern Sytem's powerfull UNIX lookalike called MKS Toolkit. ------------------------------------------------------------------------------ internet: ffritze@hpwadrd.hp.com hpdesk: Fromut FRITZE / HPB400 / R1 phone: Germany 7243 602296 address: Fromut FRITZE, Waldbronn Analytic Division, Hewlett Packard Str. 1, D 7517 Waldbronn, West Germany ------------------------------------------------------------------------------
defaria@hpclapd.HP.COM (Andy DeFaria) (08/31/90)
>/ hpclapd:comp.lang.pascal / ffritze@hpwad.HP.COM (#Fromut Fritze) / 8:35 am Aug 30, 1990 / > >try setting comspec to run a batch correctly: > > set comspec=command.com /c nodos If I remember my test for this correctly, this won't work because of the embedded spaces in the value (i.e. the space after "COM" and before the "/C" and the space after the "/C"). Also, DOS doesn't seem to like quotation marks (i.e. set comspec="command.com /c nodos").