deen@topaz.rutgers.edu (Cinnamon Raisin) (04/11/90)
Some friends and I are developing some software that requires equipment that we don't have (386, PostScript Printer), but our school just happens to have laying around in one of their computing centers. The centers are for word processing mainly, but students are allowed to use the computers for other purposes. My problem is that The data and programs would have to be stored on one of the machines hard disk, which is allowed, but then anyone can have access to them. I wouldn't mind saving on floppy, and erasing the hard disk, but the data involved promises to be several megs ziped. Does anyone know of a way of passowrd protecting a directory and it's contents? I have already though of making the directory a hidden directory, but it still allows it to be erased. I am not looking for a foolproof method, but something to give anyone trying to get into or erase my directory a really hard time. Note: It's highly unlikely that this centers computers will see the likes of the Norton Utilities, PC Tools or X-Tree. Tanx In AdvanZ -Z Raisin PS. Please Email responses to me, as I don't read this group often enough. -- ------------------------------------------------------------------------------- rutgers!gritty!zraisin | Super Amazin Cinnamon Raisin | deen@topaz.rutgers.edu ------------------------------------------------------------------------------- < < < < M A Y T H E P R E Z E N T T E N Z B E W I T H Y O U > > > > -------------------------------------------------------------------------------
HVO@psuvm.psu.edu (04/11/90)
PCTools allows H and S attributes on files and sub-dirs. In the PCShell, under File is Attribute Change...first select all of the files within the sub; Slect is under Options. For a sub, goto the Disk menu, Directory Maintenance, Attrib utes...it works the same as files do. Also, PC Magazine has utility file called ATTR.COM which works similiarly to DO S ATTRIB.COM except that it allows H and S as well as A and R, and it works on files and subs. With either utility the results are the same.
nghiem@walt.cc.utexas.edu (Alex Nghiem) (04/11/90)
In article <Apr.10.17.03.29.1990.19908@topaz.rutgers.edu> deen@topaz.rutgers.edu (Cinnamon Raisin) writes: > I have already though of making the directory a hidden directory, >but it still allows it to be erased. I am not looking for a foolproof >method, but something to give anyone trying to get into or erase my directory >a really hard time. > Try using ATTRIB +R *.* on all the files in the subdirectory and then hide the subdirectory. That way, the only people who can erase your files are those who know about the ATTRIB command. nghiem@walt.cc.utexas.edu !cs.utexas.edu!ut-emx!walt!nghiem nghiem@walt.cc.utexas.edu !cs.utexas.edu!ut-emx!walt!nghiem
draper@cpsin1.uucp (Patrick J Draper) (04/11/90)
> Does anyone know of a way of passowrd protecting a directory and >it's contents? > > I have already though of making the directory a hidden directory, >but it still allows it to be erased. I am not looking for a foolproof >method, but something to give anyone trying to get into or erase my directory >a really hard time. > > Note: It's highly unlikely that this centers computers will see >the likes of the Norton Utilities, PC Tools or X-Tree. > > > Tanx In AdvanZ > Something that will give people a really hard time is to use Turbo Pascal (other languages might work too) to create a directory with a funny name that dos doesn't understand from the command line like #&% 123 ---- the space between the % and the 1 is intentional. The idea is that you can use a little program to change your directories. What's really neat is that on a dos directory listing, the characters you use after the space will not be displayed, so there's added security. They can't see the full name of the directory, and even if they could, there's no legal way they can specify that directory on a command line. Patrick Draper - Michigan State University
roelofs@amelia.nas.nasa.gov (Ender Wiggin) (04/11/90)
In article <Apr.10.17.03.29.1990.19908@topaz.rutgers.edu> deen@topaz.rutgers.edu (Cinnamon Raisin) writes: > > Does anyone know of a way of passowrd protecting a directory and >it's contents? I can't think of an easy way to password-protect a directory (short of writing a TSR to intercept DOS "del" commands or disk accesses), but I do know of several ways to make it hard to find. Putting the directory several levels deep in the directory tree (preferably under an existing directory and/or subdirectory(s)) is a good start; moving the directory name near the top of the directory listing (with, e.g., Norton's DS program) and changing its date to something similar to the other files (with a utility such as FDATE.COM) would be a start. Adding an extension to the directory name is always a fun one, too. Best of all, however, is using some of the upper-level ASCII characters in the name, ideally with at least one invisible one (e.g. ASCII 255). I'm pretty sure DOS allows that one, and I think most of the others as well; I know the centered dots (254? 250?) are allowed because I've used them in diskette labels before. Thus you could name your directory something like DATA<.>< >.< > where <.> represents one of the centered dots/bullets and < > is ASCII 255. A casual perusal of the parent directory would then list something like DATA. <DIR> 25-JUN-1988 OTHERFIL ES 24564 30-OCT-1988 ETC <DIR> 16-JUN-1988 (or however DOS lists directory entries; I can't remember), but doing a "dir data\*.*" would result in a "directory not found" error or something like that. So would "del data"; and, of course, "del data*.*" only looks for regular files under DOS. These characters can be entered with ALT and the numeric keypad, in case you've forgotten. Hope this helps. Of course, now that millions of users worldwide have just read all this, it's not much of a secret anymore, eh? :) Greg Physics geek from hell
Ralf.Brown@B.GP.CS.CMU.EDU (04/11/90)
In article <1990Apr11.052529.20474@msuinfo.cl.msu.edu>, draper@cpsin1.uucp (Patrick J Draper) wrote: }> Does anyone know of a way of passowrd protecting a directory and }>it's contents? } }Something that will give people a really hard time is to use Turbo }Pascal (other languages might work too) to create a directory with a }funny name that dos doesn't understand from the command line like }#&% 123 ---- the space between the % and the 1 is intentional. The }idea is that you can use a little program to change your directories. }What's really neat is that on a dos directory listing, the characters }you use after the space will not be displayed, so there's added Maybe on your version, but MSDOS 3.3 COMMAND.COM, 4DOS v3.0, SD v6.2, PiCnix v3 "ls" and the PC Tools v5.5 Shell all display the characters after the blank (I just tried it, doing a MKDIR `T 2` with 4DOS). }security. They can't see the full name of the directory, and even if }they could, there's no legal way they can specify that directory on a }command line. Unless they are using 4DOS or the PiCnix utilities or PC Tools or .... -- UUCP: {ucbvax,harvard}!cs.cmu.edu!ralf -=- 412-268-3053 (school) -=- FAX: ask ARPA: ralf@cs.cmu.edu BIT: ralf%cs.cmu.edu@CMUCCVMA FIDO: Ralf Brown 1:129/46 "How to Prove It" by Dana Angluin Disclaimer? I claimed something? 21. proof by ghost reference: Nothing even remotely resembling the cited theorem appears in the reference given.
reeves@dvinci.usask.ca (Malcolm Reeves) (04/14/90)
From article <Apr.10.17.03.29.1990.19908@topaz.rutgers.edu>, by deen@topaz.rutgers.edu (Cinnamon Raisin): > > Does anyone know of a way of passowrd protecting a directory and > it's contents? > A simple but fairly effective method is the make the first character in the directory name ASCII 127. This is the delete/backspace character and makes the directory invisible and difficult to "cd" to on the command line. If you make all the files read only you should be fairly well protected from accidental deletion. There is no way to protect from malicious deletion by someone who knows their way around ms-dos - like your friendly computer lab manager :-)
rlb@cs.odu.edu (Robert L. Bailey) (04/14/90)
In article <1990Apr13.173945.15786@dvinci.usask.ca> reeves@dvinci.usask.ca (Malcolm Reeves) writes: >From article <Apr.10.17.03.29.1990.19908@topaz.rutgers.edu>, by deen@topaz.rutgers.edu (Cinnamon Raisin): >> >> Does anyone know of a way of passowrd protecting a directory and >> it's contents? >> >A simple but fairly effective method is the make the first character in the >directory name ASCII 127. This is the delete/backspace character and makes >the directory invisible and difficult to "cd" to on the command line. If >you make all the files read only you should be fairly well protected from >accidental deletion. There is no way to protect from malicious deletion by >someone who knows their way around ms-dos - like your friendly computer lab >manager :-) There is a shareware/PD program that uses the delete character trick. It is called SECRET.ARC. It includes 3 programs: SECRETMD - to make a dir SECRETCD - to change to a secret dir SECRETRD - to remove a secret dir It is available on many BBSs. If you get it, and keep the programs on diskette, it will keep the casual user from getting at your files, but, as stated above, someone that really knows his stuff can still get at the files (or someone with a good utility set like Norton). The directories created with this program are created with the hidden attribute, so they are not visible unless something like Nortons is used.