jalden@eleazar.dartmouth.edu (Joshua M. Alden) (04/13/89)
Hello.
I run a Virus Clinic here at Dartmouth College. People send me
mail and walk in to talk to me when they have virus problems. I also
maintain the portion of our Public File Server here that contains
anti-viral programs and information, and I write articles and
troubleshooting documents for people around here.
I like GateKeeper (I use it), and it's on the File Server, but one
of the problems I hear is that the average user doesn't really know how
(nor want to spend the time to learn) to figure out what programs need
what configurations.
So I'm compiling a list of applications (etc), and what
configurations they need to do what. I can determine that for all the
programs that I use, but I can't test everything.
Would people out there who use GateKeeper please write me and tell
me how they have it configured? (And also what problems or
virus-loopholes such configurations create.)
Thanks in advance.
-Josh Alden
Joshua.Alden@dartmouth.edujalden@eleazar.dartmouth.edu (Joshua M. Alden) (04/13/89)
In article <13030@dartvax.Dartmouth.EDU> jalden@eleazar.dartmouth.edu (Joshua M. Alden) writes: > Would people out there who use GateKeeper please write me and tell >me how they have it configured? (And also what problems or >virus-loopholes such configurations create.) Regarding the above: PLEASE send mail to Virus.Info@mac.dartmouth.edu. <--- <---@@@@@@ The address I gave in the previous post will go to my personal account (oops!) and I'd like to forward as few letters as possible. -Josh Alden Joshua.Alden@dartmouth.edu
maner@bgsuvax.UUCP (Walter Maner) (04/13/89)
From article <13030@dartvax.Dartmouth.EDU>, by jalden@eleazar.dartmouth.edu (Joshua M. Alden): > Hello. > > I like GateKeeper (I use it), and it's on the File Server, but one >... > So I'm compiling a list of applications (etc), and what > configurations they need to do what. I can determine that for all the I give "Other:File" permissions to Finder, Font/DA Mover, Stuffit, BinHex, Network DiskFit, DaynaFile, Unpit and RedRyder. Font/DA Mover also needs "System:Res" and DaynaFile needs "Self:Res." These settings were determined exclusively by experimentation on my system. Your mileage may differ. -- CSNet : maner@research1.bgsu.edu | 419/372-8719 InterNet: maner@research1.bgsu.edu (129.1.1.2) | BGSU CS Dept UUCP : ... !osu-cis!bgsuvax!maner | Bowling Green, OH 43403 BITNet : MANER@BGSUOPIE
austing@Apple.COM (Glenn L. Austin) (04/14/89)
In article <13030@dartvax.Dartmouth.EDU> jalden@eleazar.dartmouth.edu (Joshua M. Alden) writes: > So I'm compiling a list of applications (etc), and what >configurations they need to do what. I can determine that for all the >programs that I use, but I can't test everything. > > Would people out there who use GateKeeper please write me and tell >me how they have it configured? (And also what problems or >virus-loopholes such configurations create.) > > Thanks in advance. In using MPW 3.0, I found that even though I have MPW set up for Res(Other) and File(Other) privledges, Gatekeeper catches the Link tool. Why I have no idea, and since it is a "tool" and not an "application"... ----------------------------------------------------------------------------- | Glenn L. Austin | The nice thing about standards is that | | Apple Computer, Inc. | there are so many of them to choose from. | | Internet: austing@apple.com | -Andrew S. Tanenbaum | ----------------------------------------------------------------------------- | All opinions stated above are mine -- who else would want them? | -----------------------------------------------------------------------------
chrisj@ut-emx.UUCP (Chris Johnson) (04/15/89)
In article <28959@apple.Apple.COM> austing@Apple.COM (Glenn L. Austin) writes: >In using MPW 3.0, I found that even though I have MPW set up for Res(Other) >and File(Other) privledges, Gatekeeper catches the Link tool. Why I have no >idea, and since it is a "tool" and not an "application"... ...and since it is a "tool" and not an "application" all you have to do is hold down the option key when you click on the "Add..." button (assuming you have version 1.1 of GateKeeper). It's documented in the on-line help - I swear it! :-) ----Chris ----Author of GateKeeper P.S. The next version of GateKeeper won't require this option key business. Version 1.1 wouldn't have required it either, but I failed to anticipate how many weird file types various developers have chosen to hide away code in. 'MPST' indeed! Sigh.
austing@Apple.COM (Glenn L. Austin) (04/19/89)
In article <12043@ut-emx.UUCP> chrisj@emx.UUCP (Chris Johnson) writes: >In article <28959@apple.Apple.COM> austing@Apple.COM (Glenn L. Austin) writes: >>In using MPW 3.0, I found that even though I have MPW set up for Res(Other) >>and File(Other) privledges, Gatekeeper catches the Link tool. Why I have no >>idea, and since it is a "tool" and not an "application"... > >...and since it is a "tool" and not an "application" all you have to do is >hold down the option key when you click on the "Add..." button (assuming >you have version 1.1 of GateKeeper). It's documented in the on-line help - >I swear it! :-) > >----Chris >----Author of GateKeeper > I knew about the option key business, but didn't realize that you were looking at the code resource -- The documentation just talks about "development systems" so I gave MPW permission, but not Link (or Rez). Oh well, I guess that I'll use "override" while in MPW... ----------------------------------------------------------------------------- | Glenn L. Austin | The nice thing about standards is that | | Apple Computer, Inc. | there are so many of them to choose from. | | Internet: austing@apple.com | -Andrew S. Tanenbaum | ----------------------------------------------------------------------------- | All opinions stated above are mine -- who else would want them? | -----------------------------------------------------------------------------
chrisj@ut-emx.UUCP (Chris Johnson) (04/21/89)
In article <436@nyevax.CAS.ORST.EDU> johnsot@mist.CS.ORST.EDU (Tim G. Johnson) writes: >This brings a problem I noticed at our site. I've been in charge of setting >up GateKeeper on the system disks of two of OSU's computer labs. It would be >nice if GateKeeper looked at the Creater and Type of the files with permissions >instead of the name of the application. That way different versions if the >same application could have the same permissions without having an entry for >each different file name. Is this possible, or has it been avoided for some >good reason? It would be nice to see something like "APPL PJMM (THINK Pascal)" >in the name box (the file name just shows what program it is, but is not >checked when the program is run). > >I never used version 1.0, so maybe that is the way it was then, and got changed >because of a very good reason. Anyway, does it seem like a possibility? Sure >would make life simpler when configuring for several different systems (with >different Application names on them (I can't tell the faculty to change the >names of their applications, they are kinda picky about THEIR machines)). > >-Tim G. Johnson >-johnsot@mist.CS.ORST.EDU Tim (and everyone else who has justifiably wondered the same thing), There is a good reason (after a fashion, anyway) that GateKeeper only checks file names and not file types and creators. Basically, it was a line drawing problem, i.e. I had, when I initially created GK, a long list of features to be added to the product (the list is still long, and people keep adding good suggestions to it) and it was very clear to me that if I waited long enough to implement even a reasonable percentage of these remaining items on the wish list that GateKeeper wouldn't be ready for another year or more and, as a result, it would be a long time before it did anyone any good. Since it had already demonstrated what I felt was an admirable ability to stop viruses I thought it had a valid place in the world and should be released - and so it was and is. Needless to say, the file type/creator checking was one of those items waiting on my wish list. You may be relieved to know that even as 1.1.1 is in testing and the last few changes are being made, version 1.2 is already well on its way to becoming a reality. The primary difference between 1.1.1 and 1.2 is, thus far, in the security system which has been almost totally rewritten and extended beyond all recognition (more from my standpoint than a user's - GK will still *appear* much the same). Already present in the new security system is the change to primary reliance on a file's type and creator instead of its file name. Checking for matching file names has been reduced to the status of a mere additional option. [Thus, version 1.2, as it stands, will be more of an epistemological update than anything else.] It'll be a while before version 1.2 is even ready for testing, so please bear with me, but I'll certainly be the first to agree that GateKeeper needs to leave behind its dependance on file names.... And it will. Thanks for the feedback, ----Chris (Johnson) ----Author of GateKeeper ----chrisj@emx.utexas.edu