chrisj@ut-emx.UUCP (Chris Johnson) (03/06/89)
Well folks, GateKeeper version 1.1 is finished. If you liked GateKeeper 1.0 you'll like 1.1 even more. If you found 1.0 overly difficult to use, you'll find 1.1 much improved. If you found 1.0 buggy, you'll find 1.1 far less worrisome.

A few of the new features include:

* A choice of operation modes - you can specify whether GateKeeper should simply monitor suspicious operations and report them, or whether it can go so far as to veto suspicious operations in addition to reporting them. This gives you an "Observation" mode which can be used when initially installing GateKeeper to find out who needs what privileges without running the risk of GateKeeper interfering with something critical.

* A choice of notification methods - you can have GateKeeper write out records of suspicious operations to its log file and/or use the notification manager to present you with an alert briefly describing the operations. [You can also opt to have it do neither, although I'm not sure why anyone would want to.]

* Just about anything can be granted privileges now (INITs, cdevs and whatnot). [DA's remain an exception to this rule, however.]

* The log file and alerts will tell you exactly what privilege was violated by each and every suspicious operation. No more guessing about privileges.

And, in the time since the release of GateKeeper 1.0, I've acquired captive copies of a few more viruses for testing purposes. You'll be pleased to know (or I assume you will be) that both versions have proven thoroughly effective against all of the current crop of viruses: Scores, nVIR, Hpat, INIT 29 and ANTI. This effectiveness did not require any modifications to the original GateKeeper security system.

GateKeeper 1.1 has been posted to comp.binaries.mac and will appear there in the fullness of time. It is also available now for anonymous ftp from the Sumex archives at Stanford and the Simtel archives at White Sands.

To everyone who sent me their bug reports for 1.0, thanks a lot - 'couldn't have done it without you.

To everyone who sent mail to me and never got a response, my apologies. There were a number of cases in which I couldn't get mail to people no matter what I tried - if you think you fell into this category, send me mail with a list of machines you can be reached at and any other suggestions relevant to getting mail to you.

Thanks world, and enjoy the new version.

----Chris Johnson