unocc07@zeus.unl.edu (Dave Caplinger) (06/18/89)
In article <7680@hoptoad.uucp>, tim@hoptoad.uucp (Tim Maroney) writes: > In article <835@unocss.UUCP> dent@unocss.UUCP (Dave Caplinger) writes: >>Can anyone suggest a way to set the "chooser" username once and then prevent >>it from being changed in the future? > > No. Macs are not secure machines. Anyone would be able to defeat your > scheme by booting from a floppy disk or throwing away the INIT file you > use to implement this scheme. The only somewhat feasible possibility > is to put special code in your hard disk boot blocks which enforces > this, and then it would be very likely to break under future OS > revisions. Macs are not secure and you'll have to plan around that > fact. True, Macs are not secure; but then neither are the PC's we also have in our user rooms. :-) In the case of the Macs, we get along ok by simply setting the "invisible" bit on the System Folder's file info (via ResEdit). Certainly, if I know how to do this, others will know how to undo it, but for the most part, it's not worth the trouble to the [malicious] users. (Also, it's main advantage is that MacTools, the most abundantly pirated program on campus, does not allow a user to make a folder invisible...) If any user uses their own disks to boot, they simply are not logged into the network, and cannot access any of our applications, unless they have pirated a copy of the AppleShare INIT. I have not had access to "my" Mac yet, but I will probably play with the Chooser's dialogue box with ResEdit (I disabled the "OK" button in the "Set Startup..." menu option in this way) to see how feasible that is. Once failing that :-), I'll probably wind up using the ASharPonder INIT just posted (with very good timing, I might add!) to comp.binaries.mac. Quite honestly, abusive users aren't all /that/ bad.. (except one user who consistantly renames Microsoft Word to "Micorosoft Word" to throw off my HyperCard startup stack! Grr!) The network will make recovery from those kinds of things easier, however. The main problem is (of course) Microsoft Word's non-standard MENU's (how about non-existant) that include a "Delete File" option that will delete any file in any folder, regardless of protection bits, etc. Does anyone know if there is a way to patch the standard file dialoge to /not/ include folders or files that are invisible? > Tim Maroney, Mac Software Consultant, sun!hoptoad!tim, tim@toad.com > Postal: 424 Tehama, SF CA 94103; Phone: (415) 495-2934 -/ Dave Caplinger /------------------+----------------------------------- Microcomputer Specialist | Internet: unocc07@zeus.unl.edu "Computing and Data Communications" | UUCP: uunet!btni!unocss!dent University of Nebraska at Omaha | Bitnet: UNOCC07@UNOMA1 Omaha, NE 68182 | or dc3a+@andrew.cmu.edu