jlille@umaxc.weeg.uiowa.edu (Jeff Lille) (07/14/90)
I don't have any experience programming handlers so I have no idea if
this is possible, but would a handler work for security on a AUX: connection
running a shell? I envision something that hangs (a SECURE: device?) out and
waits for a CLI command to ask for a directory that is on a list of secure
directories. Could something like this work and not cause problems for stuff
that really should have access (like C: commands)?
Is there a good source for info on writing handlers, I'm a student (read
"broke") and thus don't have RKM's... so I geuss I'm looking for a cheep
alternative.
Thanks for any help and if anybody is working on something like this (or
has it) please email me at:
jlille@umaxc.weeg.uiowa.encore // AMIGArgnugen...
\X/ What makes a computer an Amiga!jnmoyne@lbl.gov (Jean-Noel MOYNE) (07/14/90)
Oh, men you're going into deep yogurt !! (-:
Doing a classic login/password on AUX: to give access to a SHELL is
realy easy. But just after, if you're still aware of security ....
The problem is that Amigados is a good multitasking OS, but definitely
a single-user OS !!! There is absolutely nothing like security in
Amigados. The problem is not the Handler, AUX: is fine and all right, the
problem is the SHELL and the DOS. First of all it's very easy to make a
requester pop-up by a CLI command, and once the requester is here you can
say goodbye to your SHELL, to your user, and to your tty (and it's realy
hard for you, since you only have one tty !!!). I mean: just type "cd
XISIIDKLSKLM:" on your remote shell and if you don't have the volume
XISIIDKLSKLM mounted .. your server is out. (try to click cancel or to
send left-amiga-v from a terminal) (-:
But that's easy to fix, just set the pr_Window pointer to -1L in your
process struct (just do a FinkTask(0L) to find the struct, and every
system requester will be canceled automatiquely. (you can use a DP prog
called KillReq for that or just program 4 lines of C)
Of course, it doesn't prevent you from programs opening a Window ..
and waiting the Input from this Window. The cure: (yeah, call Rambo now !
(-: ) Patch OpenWindow with a big strike of SetFunction between the eyes,
so that it returns NULL each time. And pray for the programs to be well
written and not be too confuse by the fact he couldn't open the window.
So, now you have a shell which is not too easy to mess up. Then you go
back to the security. You might want to have protected directories or
files (which come back to: having users and file protection). How to do
that ? The first solution you see is: make my onw shell (like c-shell and
all the others), maybe start from the source of a DP shell, and customize
it for my needs, and of course make the people using this shell only
(easy). You have a lot of work on this one, and you might still be able to
do something valuable, for example using some of the unused space in the
FileInfo struct (such as a part of the name which is 103 bytes long if I
remember me right), or you can use the comment field to put you stuff (and
not let the users have access to a command that modify or list the comment
(like list ).
But if there is an upload facility, or a programming facility (C
compiler or other) in your system .. then you're not sure .. because with
a modified SHELL, you can control the user, but not the programs he is
using, and the programs have the same power to access every single file in
the system (exept if the file is locked which is not a solution).
No, the only valuable solution is: re-do Amigados, so that it is
multi-user !!! Not kidding, that's the best way !!
But let Commodore do that for us ... By the way wouldn't it be a nice
idea Mr Commodore ?? You're system is so nicely multitasking that you can
let it becomme multi-users just by typing "newshell aux:" ... it has gone
too fast for the old Tripos project ..
JNMDoug_B_Erdely@cup.portal.com (07/15/90)
There is a PD program called Serial Server (SERSERV for short), I think it will do what you are asking. - Doug - Doug_B_Erdely@Cup.Portal.Com
arc@desire.wright.edu (07/15/90)
In article <31725@cup.portal.com>, Doug_B_Erdely@cup.portal.com writes: > There is a PD program called Serial Server (SERSERV for short), I think it > will do what you are asking. > > - Doug - > > Doug_B_Erdely@Cup.Portal.Com I would REALLY like to have SERSERV... Where can I FTP it from? If someone has that, or other programs that serve this purpose, could you send them to "xanth.cs.odu.edu" in "incoming/amiga"??? Thanks! A LOT! ------------------------------------------------------------------------ = /// | Jim Perry | Arc@Desire.Wright.edu = = /// Amiga! | ^Communications Consultant| -or- = = \XX/ The One | Arc Electronics, Inc. | Arc@WSU.BITNET = = ____& Only... | Wright State University |"Ouch! Quit-it." - Bart= = | Dayton, Ohio | Frank Sinatra Rules = ========================================================================
Doug_B_Erdely@cup.portal.com (07/16/90)
Sorry, I cant... I dont have FTP access here! - Doug - Doug_B_Erdely@Cup.Portal.Com