CD ROM Paradise Collection 4

home *** CD-ROM | disk | FTP | other *** search

/ CD ROM Paradise Collection 4 / CD ROM Paradise Collection 4 1995 Nov.iso / dskutil / acsademo.zip / ACSA.DOC < prev next >

Wrap

Text File | 1994-08-25 | 144KB | 3,053 lines

ACSA (ACcesS Authorization) Software System USER's Manual (C) Copyright 1991, 1994 by Data Rescue Services. C O N T E N T S. Introduction........................................................3 PART 1 ----------- ACSA SETUP ...................................5 Installing ACSA on your hard disk.............................5 Auto-installation.............................................8 Manual installation...........................................11 Removal and transferring of ACSA from PC......................21 Restoring the Partittion Table................................25 Hard disk encryption/decryption...............................26 Restoring after damages or errors............................ 30 Preparation of bootable floppy disk with ACSA................ 33 PART 2 ------------ ACSA IDEAS AND COMMANDS .........................34 Basic ideas of ACSA...........................................36 Managing of users.............................................38 The description of ACSA commands............................42 CHMOD ................................................42 LOGIN ................................................45 USER .................................................46 WHO ..................................................47 AMOD .................................................48 PASSWD ...............................................50 Peculiarities of running DOS under ACSA ......................51 The ACSA.LOG file ............................................52 The ACSA.CFG file ............................................52 Switches used with ACSA.SYS file .............................53 Starting of activities ......................................54 PART 3 ---------- ACSA Shell ........................................ 56 ACSA Shell....................................................56 Function keys of ACSA Shell ................................. 58 Changing file protection modes (CHMOD) in ACSA Shell .........59 Creating user file editor and file viewer ................... 62 Pull-down menus: ............................................ 65 LEFT (RIGHT) ........................................ 65 FILES ............................................... 67 COMMANDS ............................................ 70 OPTIONS ............................................. 72 - 1 - ╔═══════════════════════════════════════╗ │ │ │ ACSA │ │ ACcesS Authorization system │ │ Version 1.05 │ │ │ │ Copyright (c) 1991-1994 by │ │ Data Rescue Services. │ │ All Rights Reserved │ │ │ │ Setup Programm │ │ 19-Jul-1994 │ ╚═══════════════════════════════════════╝ THE VERY FIRST AND VERY IMPORTANT NOTICE: - Access Authorization System (ACSA) uses obsure features of MS-DOS (PC-DOS). It optionally encrypts hard disk, RAM, and performs other vital modifications to kernel of operating system. Therefore we cannot endorse ACSA for all existing IBM PC compatible computers. - It is solely user's responsibility to choose ACSA or to refuse it. If you believe that your computer is not 100% compatible with IBM or has an unusual or non-standard configuration, ACSA may not be compatible with such machines. - 2 - ╔═══════════════════════════════════════════════════════════════════════╗ ║ ░░░░▒▒▒▓▓█ACSA██████████ A C S A ██████████ACSA█▓▓▒▒▒░░░░ ║ ║ (c) 1991, 1994 Data Rescue Service. Ver. 1.05 ║ ║ Phone: (415) 282-6464, Toll Free: (800) 234-4379 ║ ║ FAX: (415) 282-6499 A C S A ║ ╚═══════════════════════════════════════════════════════════════════════╝ Protection System ACSA (short for Access Authorizatiion) by Data Rescue Service. Version 1.05 JULY19 1994 Copyright (c) 1991, 1994 by Data Rescue Service. All Rights Reserved. No part of ACSA System or this document may be reproduced without written permission of Data Rescue Services. The exclusive right to distribute ACSA in the United States and Canada belongs to Data Rescue Service Data Rescue Service 935 York Street Suite 200 San Francisco, CA 94110, U.S.A. This file contains documentation about ACSA - Access Authorization System - protection software for IBM PC compatible computers by Data Rescue Service. - 3 - INTRODUCTION. Preface. ~~~~~~~~ Thank you for your interest for Access Authorization System (ACSA)! Data Rescue Services hopes that ACSA will help you to : - Safely protect your data against ANY bulgar; - Share the same computer between several users with different access rights; - Protect your computer against ANY present and FUTURE possible computer viruses; - Implement UNIX ideas of computer security on your PC and to understand better UNIX! This document has three parts. The first part describes the process of installation of on hard disk. The second part helps you to remind the ideas of security implemented in UNIX operating system. At the same time the second part shows how UNIX ideas of security work in ACSA. The third part descibes the functions of ACSA Shell - a special very powerful service program for manipulating both files and ACSA protection attributes. - 4 - Data Rescue Services strongly recommends you to read the whole document, especially the first part. As any lock or security system, ACSA requires certain attention and understanding. If not properly installed, the system may not function as describe. Do not try to attempt the installation of ACSA without reading of this document, especially the first part. General word about privacy and computer security. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ A lot of books were written about computer security. There is no need to re-invent the wheel. We would like to remind some points which are crucial for any security system especially for ACSA. A security system is like a lock at your front door. It means that you have to treat it the same way: - Always have a key from a door with youself - Do not leave front door open when you go out - Do not let any suspicious people in and so on. The point is that any powerful security system becomes hopeless if certain common sense rules are ignored. The same applies to ACSA. If you use some common name like "12345" or "access" as a password, all system becomes helpless. If you leave your desk, forgetting to run USER command or reboot your machine - the system is open for everybody. At the same time if you have installed ACSA, encrypted your hard disk but... forgot your (or supervisor's) password - what can be done about it? Let assume that you've got a bullet-proof door and lost your keys. The result is the same. In this case you will have to mail to Data Rescue Services your installation floppy disk for password recovery. So, please remember your password or write it down to some safe place. - 5 - PART 1. INSTALLING ACSA ON YOUR HARD DISK. Compatibility with other programs. 1. FDISK.EXE, DM.EXE (Disk Manager) and other programs which change the partition table are not compatible with ACSA. Therefore you must run them before installing ACSA or after removing ACSA from your computer. 2. The program CALIBRAT and the WEEKLY TEST SURFACE programs in Norton Disk Doctor also do not work together with ACSA, because they perform special operations with the hard disk. The first part describes the process of installation of on hard disk. The installation is carried out as a dialog with user. The process of installation is rather simple. Everybody can do it just browsing through this manual. Data Rescue Services strongly recommend to install ACSA in strict accordance to the present manual. You cannot install ACSA in any other way than described here. We believe that an unauthorized attempt to install ACSA (except for ACSA-DEMO version) is impossible. Before installation please note the following: - Your operating system is MS-DOS 3.3+ or PC-DOS 3.3+ only! ACSA will not work under DR-DOS like system - Make sure that you have 0.5 Mb of free disk space. - Your computer is IBM PC compatible. - Your computer does not any other software security system installed (ADM, PROTEK, PROT, etc.) including server security implemented for dedicated file servers - For DOS 4.x , 5.0 , 6.0 + users - file SHARE.EXE is available upon boot. (you may place it in root directory) - ACSA floppies are not write-protected ACSA system was testing for a long time on a great number of computer and together with device drivers: HARDRIVE.SYS DMDRVR.BIN (DISK MANAGER), SSTOR.SYS (SPEED STOR), PIEDISK.SYS. Before installation make the following changes in AUTOEXEC.BAT and CONFIG.SYS - 6 - Changes in AUTOEXEC.BAT - ~~~~~~~~~~~~~~~~~~~~~~~~~~~ C:\ACSA\ACMD LOGIN This line should preceed any user-interactive commands, because ACSA disables <Ctrl> and <Alt> keys before ACMD LOGIN is executed. We also recommend to add C:\ACSA statement to your PATH variable. If a computer is intended to use by several users, you may include the statement: IF EXIST PROFILE.BAT PROFILE.BAT as the last line in AUTOEXEC.BAT. Please refer to the second part of the manual for the full description of PROFILE.BAT Example: @echo off prompt $p$g path c:\dos;c:\nu;c:\windows;c:\acsa acmd login c:\dos\mouse ..... if exist profile.bat profile.bat Changes in CONFIG.SYS - ~~~~~~~~~~~~~~~~~~~~~~~~~ DEVICE=C:\ACSA\ACSA.SYS We recommend to put this line as early as possible in CONFIG.SYS. However, many computers use memory managers (QEMM, HIMEM, 386MAX, etc.) and disk compression utilities (DoubleDisk, SuperStore, Stacker). In this case line DEVICE=C:\ACSA\ACSA.SYS should be placed AFTER those programs. Disk cache programs (NCACHE) from the Norton Utilities package and some other caching programs must be loaded as drives in the CONFIG.SYS file before the ACSA.SYS driver. If you wish to perform any memory oprimization actions (QEMM: OPTIMIZE), or disk comperssion actions - you will have to disable ACSA.SYS. It may be done in two ways: (1) REM DEVICE=C:\ACSA\ACSA.SYS or (2) DEVICE=C:\ACSA\ACSA.SYS /driveroff Please note: ways (1) and (2) do NOT remove ACSA from your computer. Even if ACSA.SYS is not loaded, your PC is still under partial control of ACSA. Full removal of ACSA is possible via SETUP program. Please refer to the second part of the manual for full description of the set of switches, if you experience certain problems upon boot up. During the installation process ACSA creates files C:\CONFIG.ACS and C:\AUTOEXEC.ACS with the the proposed changes. - 7 - Before you start SETUP please note: Every time you run the ACSA Setup program, you must be certain that: ┌─────────────────────────────────────────────────────────────────────────┐ │ │ │ * you have BACKED UP ALL FILES on your hard disk. Do it NOW! │ │ │ │ * you have booted your computer from a floppy disk with just the │ │ DOS system on it. There must not be any TSR's loaded, and the │ │ CONFIG.SYS file should NOT contain the line DEVICE=ACSA.SYS. │ │ │ │ * there is no other software system to prevent unsanctioned access │ │ installed on your hard disk. │ └─────────────────────────────────────────────────────────────────────────┘ Now, please insert floppy disk with ACSA in floppy drive A: (Only A:!) and type: SETUP Finally SETUP program displays the following screen: (this screen appears ONLY when you run working (NOT DEMO!) version of ACSA) ┌───────────────────────────────────────┐ │ Enter computer name for installation │ │ │ └───────────────────────────────────────┘ You have to select the master password for the computer. The master password becomes the permanent password of super-user "root" (see part 2 for details) even if you in future specify another password by command ACMD PASSWD. Assigning of permanet super password is very important part during the installation. If you want, it's like giving a name to a child. Please write it down to some safe place, or perform any other actions to insure that you (as owner of a copy) have access to it. On the other hand, it's a super-password emergency name, so anybody who knows it's name can get a universal access to the computer. ACSA reserves this name in case of emergency. - 8 - ACSA AUTO - INSTALLATION ╔═════════════════════════════════════════════════════════════════════════╗ │ SET DISPLAY Partition menu Transfer files pRepare Exit │ ╚═════════════════════════════════════════════════════════════════════════╝ ╔═══════════════════════════════════════╗ │ │ │ ACSA │ │ ACcesS Authorization system │ │ Version 1.05 │ │ │ │ Copyright (c) 1991-1994 by │ │ Data Rescue Services. │ │ All Rights Reserved │ │ │ │ Setup Program │ │ 19-Jul-1994 │ ╚═══════════════════════════════════════╝ Fig. 1 Fig.1 shows the initial welcome screen. It contains the version number, preparation date and some other information. We recommend you to setup display type first. - 9 - ╔═════════════════════════════════════════════════════════════════════════╗ │ SET DISPLAY Partition menu Transfer files pRepare Exit │ ╚═════════════════════════════════════════════════════════════════════════╝ ┌─────────────────────────────────┐ │ Select display type for output │ │ COLOR b/w │═════════════════════╗ └─────────────────────────────────┘ │ │ ACSA │ │ ACcesS Authorization system │ │ Version 1.05 │ │ │ │ Copyright (c) 1991-1994 by │ │ Data Rescue Services. │ │ All Rights Reserved │ │ │ │ Setup Program │ │ 19-Jul-1994 │ ╚═══════════════════════════════════════╝ Fig. 2 Fig.2 shows ACSA menu for chnging display mode The next step is "pRepare" option in main menu. When preparation is finished, you will see the following picture: - 10 - ╔═════════════════════════════════════════════════════════════════════════╗ │ Set display Partition menu Transfer files Uninstall Exit │ ╚═════════════════════════════════════════════════════════════════════════╝ ╔═══════════════════════════════════════╗ │ │ │ ┌───────────────────────────────────┐│ │ │ Prepare Hard Disks is completed. ││ │ │ ││ │ │ Please select ACSA install mode: ││ │ │ AUTO Manual ││ │ └───────────────────────────────────┘│ │ Copyright (c) 1991-1994 by │ │ Data Rescue Services. │ │ All Rights Reserved │ │ │ │ Setup Program │ │ 19-Jul-1994 │ ╚═══════════════════════════════════════╝ Fig. 3 The installation process may be carried out manually or automatically. We recommend automatic installation when you install ACSA for the first time. Manual installation gives you more interaction, but require some experiense. During installation the system will copy ACSA system on your hard disk into C:\ACSA or other user-specified subdirectory. Upon the completion of installation the following message will be displayed. ╔═══════════════════════════════════════╗ │ │ │ ACSA │ │ ACcesS Authorization system │ ┌─────────────────────────────────────────┐ │ Auto install ACSA System is completed. │ └─────────────────────────────────────────┘ │ │ │ Copyright (c) 1991-1994 by │ │ Data Rescue Services. │ │ All Rights Reserved │ │ │ │ Setup Programm │ │ 19-Jul-1994 │ ╚═══════════════════════════════════════╝ Fig. 4 You can exit the installation program now and process to page 33. ACSA will be activated when you reboot your computer. Login as "root" - 11 - ACSA MANUAL INSTALLATION If you decide to process manual installation, you have to select "Partition menu" first. ╔═════════════════════════════════════════════════════════════════════════╗ │ Set display PARTITION MENU Transfer files Uninstall Exit │ ╚═════════════════════════════════════════════════════════════════════════╝ ┌───────────────────────────────┐ │ Current hard disk : 1 │═════════════════════╗ │ │ │ │ CHANGE PARTITION │CSA │ │ View Partition table │rization system │ │ Write Partition table │ion 1.05 │ │ Change current Disk │ │ │ ───────────────────────────── │) 1991-1994 by │ │ │ue Services. │ │ cOde Partition │ts Reserved │ │ dEcode Partition │ │ │ ───────────────────────────── │Program │ │ Save table to Floppy │ul-1994 │ │ Restore table from Floppy │ │ └───────────────────────────────┘═════════════════════╝ Fig. 4 The next step is option "Change partition" - 12 - ╔═════════════════════════════════════════════════════════════════════════╗ │ Set display PARTITION MENU Transfer files Uninstall Exit │ ╚═════════════════════════════════════════════════════════════════════════╝ ┌──────────────────────────────┐ │ 01. Not used │ ┌──────────────────────────────│ 02. Not used │ │ Current hard disk : 1 │ 03. Not used │ │ │ 04. Not used │ │ CHANGE PARTITION │ 05. Not used │ │ View Partition table │ 06. Not used │ │ Write Partition table │ 07. Not used │ │ Change current Disk │ 08. Not used │ │ ─────────────────────────────│ 09. Not used │ │ │ 10. Not used │ │ cOde Partition │ 11. Not used │ │ dEcode Partition │ 12. Not used │ │ ─────────────────────────────│ 13. ACSA DOS Active │ │ Save table to Floppy │ 14. ACSA Read/Write │ │ Restore table from Floppy │ 15. Not used │ └──────────────────────────────│ 16. Not used │ └──────────────────────────────┘ Fig. 5 Fig. 5 shows ACSA Partition Table Manager. In order to protect your hard disk from unauthorized access from floppy drive, the special ACSA attribute must be set in Partition table. Use cursor arrows to select all possible lines and press ENTER. When partition table is saved ("Write partition table "), your hard disk becomes unaccessible for users trying to log in using bootable floppy disk. If you want to re-gain access to your hard disk using bootable floppy, you have to remove ACSA attribute from partition table. Use cursor arrows to select all possible lines and press ENTER. ACSA partition attribute will be reset. When partition table is saved ("Write partition table "), your hard disk becomes accessible for users trying to log in using bootable floppy disk. - 13 - ╔═════════════════════════════════════════════════════════════════════════╗ │ Set display PARTITION MENU Transfer files Uninstall Exit │ ╚═════════════════════════════════════════════════════════════════════════╝ ┌───────────────────────────────┐ │ Current hard disk : 1 │═════════════════════╗ │ │ │ │ Change Partition │ │ │ View Partition table │CSA │ │ WRITE PARTITION TABLE │rization system │ │ Change current Disk │ion 1.05 │ │ ───────────────────────────── │ │ │ │) 1991-1994 by │ │ cOde Partition │ue Services. │ │ dEcode Partition │ts Reserved │ │ ───────────────────────────── │ │ │ Save table to Floppy │Programm │ │ Restore table from Floppy │ul-1994 │ └───────────────────────────────┘═════════════════════╝ Fig. 6 The next step is WRITE PARTITION TABLE. Place cursor into Write Partition Table field and press ENTER. - 14 - ╔═════════════════════════════════════════════════════════════════════════╗ │ Set display PARTITION MENU Transfer files Uninstall Exit │ ╚═════════════════════════════════════════════════════════════════════════╝ ┌───────────────────────────────┐ │ Current hard disk : 1 │═════════════════════╗ │ │ │ │ Change Partition │CSA │ │ View Partition table │rization system │ │ Write Partition table │ion 1.05 │ │ Change current Disk │ │ │ ───────────────────────────── │) 1991-1994 by │ │ │ue Services. │ │ cOde Partition │ts Reserved │ │ dEcode Partition │ │ │ ───────────────────────────── │Program │ │ SAVE TABLE TO FLOPPY │ul-1994 │ │ Restore table from Floppy │ │ └───────────────────────────────┘═════════════════════╝ Fig. 7 The function "Save table to Floppy" allows you to backup partition table on floppy disk. This function may be extremely useful in case of damage of partition table by virus or computer malfunction. In this case you may always restore the partition table using function "Restore table from floppy" . Remember to use "Save table to floppy" any time when you use software which affects the partition table (FDISK, Disk Manager or others) - 15 - ╔═════════════════════════════════════════════════════════════════════════╗ │ Set display PARTITION MENU Transfer files Uninstall Exit │ ╚═════════════════════════════════════════════════════════════════════════╝ ┌───────────────────────────────┐ │ Current hard disk : 1 │═════════════════════╗ │ │ │ │ Change Partition │CSA │ │ View Partition table │rization system │ │ Wri┌──────────────────────────────────────────────────────┐ │ Cha│ Insert your floppy disk and press any key when ready │ │ ─────└──────────────────────────────────────────────────────┘ │ │ue Services. │ │ cOde Partition │ts Reserved │ │ dEcode Partition │ │ │ ───────────────────────────── │Program │ │ SAVE TABLE TO FLOPPY │ul-1994 │ │ Restore table from Floppy │ │ └───────────────────────────────┘═════════════════════╝ Fig. 8 Fig 8. displays ACSA message when you are prompted to insert another floppy disk to backup your partition table. - 16 - ╔═════════════════════════════════════════════════════════════════════════╗ │ Set display Partition menu TRANSFER FILES Uninstall Exit │ ╚═════════════════════════════════════════════════════════════════════════╝ ┌─────────────────────────────┐ ╔══════════│ TRANSFER ALL FILES │ │ │ tRansfer ACSA.SYS │ │ │ Change special password │ │ Acce│ change Screen mode │ │ │ rename ACSA directory │ │ └─────────────────────────────┘ │ Copyright (c) 1991-1994 by │ │ Data Rescue Services. │ │ All Rights Reserved │ │ │ │ Setup Program │ │ 19-Jul-1994 │ ╚═══════════════════════════════════════╝ Fig. 9 The next step is choice of "Transfer files" routine from the top menu. - 17 - ╔═════════════════════════════════════════════════════════════════════════╗ │ Set display Partition menu TRANSFER FILES Uninstall Exit │ ╚═════════════════════════════════════════════════════════════════════════╝ ┌─────────────────────────────┐ ┌───────────────────── Enter path to ACSA directory ─────────────────────┐ │ C:\ACSA │ └────────────────────────────────────────────────────────────────────────┘ │ Acce│ change Screen mode │ │ │ rename ACSA directory │ │ └─────────────────────────────┘ │ Copyright (c) 1991-1994 by │ │ Data Rescue Services. │ │ All Rights Reserved │ │ │ │ Setup Program │ │ 19-Jul-1994 │ ╚═══════════════════════════════════════╝ Fig. 10 Select the path for ACSA subdirectory If "ACSA" name satisfies you - press ENTER. - 18 - ╔═════════════════════════════════════════════════════════════════════════╗ │ Set display Partition menu TRANSFER FILES Uninstall Exit │ ╚═════════════════════════════════════════════════════════════════════════╝ ┌─────────────────────────────┐ ╔══════════│ TRANSFER ALL FILES │ │ │ tRansfer ACSA.SYS │ │ │ Change special password │ │ Acce│ ┌─────────────────────────────┐ │ │ │ Please, Select screen mode │ │ └─│ for ACSA commands │ │ Insta│ ─────────────── │ │ │ COLOR b/w │ │ (C)Copyrig└─────────────────────────────┘ │ │ │ Setup Program │ │ │ ╚═══════════════════════════════════════╝ Fig. 11 Menu at fig. 11 asks you to chose the color mode for ACSA commands. You may choose COLOR or B/W mode. - 19 - ╔═════════════════════════════════════════════════════════════════════════╗ │ Set display Partition menu TRANSFER FILES Uninstall Exit │ ╚═════════════════════════════════════════════════════════════════════════╝ ┌─────────────────────────────┐ ╔══════════│ TRANSFER ALL FILES │ │ │ tRansfer ACSA.SYS │ │ │ Change special password │ │ Acce│ change Screen mode │ │ ┌─────────────────────────────────────┐│ │ │ Transfer ACSA system is completed. │┘ │ └─────────────────────────────────────┘ │ Copyright (c) 1991-1994 by │ │ Data Rescue Services. │ │ All Rights Reserved │ │ │ │ Setup Program │ │ 19-Jul-1994 │ │ │ │ │ ╚═══════════════════════════════════════╝ Fig. 12 If manual setup of ACSA finished successfully, you should see the screen (fig. 12) - 20 - ╔═════════════════════════════════════════════════════════════════════════╗ │ Set display Partition menu Transfer files Uninstall EXIT │ ╚═════════════════════════════════════════════════════════════════════════╝ ╔═══════════════════════════════════════╗ │ │ │ ACSA │ │ ACcesS Authorization system │ │ Version 1.05 │ │ Copyright (c) 1991-1994 by │ │ Data Rescue Services. │ │ All Rights Reserved │ │ │ │ Setup Program │ │ 19-Jul-1994 │ │ │ ╚═══════════════════════════════════════╝ Fig 13. This stage concludes the process of ACSA installation on hard disk. When you reboot the computer, ACSA system will start to function. The description of ACSA commands is located in the second part of the present manual. - 21 - UNINSTALLING OF ACSA ╔═════════════════════════════════════════════════════════════════════════╗ │ Set display Partition menu Transfer files UNINSTALL Exit │ ╚═════════════════════════════════════════════════════════════════════════╝ ╔═══════════════════════════════════════╗ │ │ │ ACSA │ ┌───────────────────── ERROR ──────────────────────┐ │ Please remove ACSA attribute in Partition Table │ │ from all your Hard Drives. │ └──────────────────────────────────────────────────┘ │ Version 1.05 │ │ Copyright (c) 1991-1994 by │ │ Data Rescue Services. │ │ All Rights Reserved │ │ │ │ Setup Program │ │ 19-Jul-1994 │ │ │ ╚═══════════════════════════════════════╝ Fig. 14 This is the description of ACSA removal from PC. This procedure is necessary to transfer ACSA on another computer. First of all remove the line: device = c:\acsa\acsa.sys from CONFIG.SYS and acmd login from AUTOEXEC.BAT Secondly, remove ACSA attribute from ACSA Partition Table Manager. Removal of ACSA attribute is opposite function as described at Fig. 5 page. 12. If ACSA attributes are not cleared, you will see an error message displayed at fig. 14. - 22 - ╔═════════════════════════════════════════════════════════════════════════╗ │ Set display PARTIITON MENU Transfer files Uninstall Exit │ ╚═════════════════════════════════════════════════════════════════════════╝ ┌──────────────────────────────┐ │ 01. Not used │ ┌──────────────────────────────│ 02. Not used │ │ Current hard disk : 1 │ 03. Not used │ │ │ 04. Not used │ │ CHANGE PARTITION │ 05. Not used │ │ View Partition table │ 06. Not used │ │ Write Partition table │ 07. Not used │ │ Change current Disk │ 08. Not used │ │ ─────────────────────────────│ 09. Not used │ │ │ 10. Not used │ │ cOde Partition │ 11. Not used │ │ dEcode Partition │ 12. Not used │ │ ─────────────────────────────│ 13. DOS Active │ │ Save table to Floppy │ 14. Read/Write │ │ Restore table from Floppy │ 15. Not used │ └──────────────────────────────│ 16. Not used │ └──────────────────────────────┘ Fig. 15 Fig. 15 shows the ACSA Partition Table Manager without ACSA attributes. Fig. 16 - 18 show the process of removal ACSA from PC. - 23 - ╔═════════════════════════════════════════════════════════════════════════╗ │ Set display PARTITION MENU Transfer files Uninstall Exit │ ╚═════════════════════════════════════════════════════════════════════════╝ ┌───────────────────────────────┐ │ Current hard disk : 1 │═════════════════════╗ │ │ │ │ CHANGE PARTITION │CSA │ │ View Parti┌────────────────────────────────────────┐ │ Write Part│ Do you wish to save Partition table ? │ │ Change cur│ YES no │ │ ────────────└────────────────────────────────────────┘ │ │) 1991-1994 by │ │ cOde Partition │ue Services. │ │ dEcode Partition │ts Reserved │ │ ───────────────────────────── │ │ │ Save table to Floppy │Program │ │ Restore table from Floppy │ul-1994 │ └───────────────────────────────┘═════════════════════╝ Fig. 16 ╔═════════════════════════════════════════════════════════════════════════╗ │ Set display Partition menu Transfer files UNINSTALL Exit │ ╚═════════════════════════════════════════════════════════════════════════╝ ╔═══════════════════════════════════════╗ │ │ ┌───────────────────────── WARNING ─────────────────────────┐ │ Be sure that you remove driver ACSA.SYS from CONFIG.SYS, │ │ and command LOGIN.COM from AUTOEXEC.BAT !!! │ │ ───────── │ │ Cancel UNINSTALL Restore │ └───────────────────────────────────────────────────────────┘ │ Copyright (c) 1991-1994 by │ │ Data Rescue Services. │ │ All Rights Reserved │ │ │ │ Setup Program │ │ 19-Jul-1994 │ │ │ ╚═══════════════════════════════════════╝ Fig. 17 - 24 - ╔═════════════════════════════════════════════════════════════════════════╗ │ Set display Partition menu Transfer files UNINSTALL Exit │ ╚═════════════════════════════════════════════════════════════════════════╝ ╔═══════════════════════════════════════╗ │ │ │ ACSA │ │ ACcesS Authorization system │ │ ┌────────────────────────────────────┐│ │ │ UNINSTALL Hard Disks is completed ││ │ └────────────────────────────────────┘│ │ │ │ Copyright (c) 1991-1994 by │ │ Data Rescue Services. │ │ All Rights Reserved │ │ │ │ Setup Program │ │ 19-Jul-1994 │ │ │ │ │ ╚═══════════════════════════════════════╝ Fig. 18 - 25 - RESTORING OF PARTITION TABLE ╔═════════════════════════════════════════════════════════════════════════╗ │ Set display Partition menu Transfer files UNINSTALL Exit │ ╚═════════════════════════════════════════════════════════════════════════╝ ╔═══════════════════════════════════════╗ ┌───────────────────────── WARNING ─────────────────────────┐ │ Be sure that you remove driver ACSA.SYS from CONFIG.SYS, │ │ and command LOGIN from AUTOEXEC.BAT !!! │ │ ───────── │ │ Cancel Uninstall RESTORE │ └───────────────────────────────────────────────────────────┘ │ │ │ Copyright (c) 1991-1994 by │ │ Data Rescue Services. │ │ All Rights Reserved │ │ │ │ Setup Program │ │ 19-Jul-1994 │ │ │ │ │ ╚═══════════════════════════════════════╝ Fig. 19 Uninstall mode has an additional function "Restore". "Restore" function is required for Partition Table recovery if ACSA setup fails. Use "Restore" function if ACSA system fails to work after installation. This may happen if another security system is installed on PC. - 26 - HARD DISK ENCRYPTION ╔═════════════════════════════════════════════════════════════════════════╗ │ Set display PARTITION MENU Transfer files Uninstall Exit │ ╚═════════════════════════════════════════════════════════════════════════╝ ┌───────── CODE Partition ──────────┐ ┌──────────────────────────────│ 01. Not used │ │ Current hard disk : 1 │ 02. Not used │ │ │ 03. Not used │ │ Change Partition │ 04. Not used │ │ View Partition table │ 05. Not used │ │ Write Partition table │ 06. Not used │ │ Change current Disk │ 07. Not used │ │ ─────────────────────────────│ 08. Not used │ │ CODE PARTITION │ 09. Not used │ │ dEcode Partition │ 10. Not used │ │ ─────────────────────────────│ 11. Not used │ │ Save table to Floppy │ 12. Not used │ │ Restore table from Floppy │ 13. ACSA DOS Active │ └──────────────────────────────│ 14. ACSA Read/Write │ ╚════════════════│ 15. Not used │ │ 16. Not used │ └───────────────────────────────────┘ Fig. 20 Fig. 20 shows the function cOde Partition. "Code Partition" performs physical encryption of the hard disk which makes it absolutely guarded against any unauthorized access. ACSA system performes enryprion and decryption on-fly. ┌────────────┐ ┌────────────────────────────┐ ┌───────────┐ │ │ │ - monitor │ │ HARD DISK │------->│ decrypts ->│-------->│ - floppy drives │ │ Encrypted │<-------│ encrypts <-│<------- │ - peripheral devices │ └───────────┘ │ │ │ │ │ ACSA │ │ PC operates in NORMAL mode │ └────────────┘ └────────────────────────────┘ Fig. 21 The "cOde Partition" function may be performed for any partition. Just place cursor on the corresponding line and press ENTER. - 27 - ╔═════════════════════════════════════════════════════════════════════════╗ │ Set display PARTITION MENU Transfer files Uninstall Exit │ ╚═════════════════════════════════════════════════════════════════════════╝ ┌───────── CODE Partition ──────────┐ ┌──────────────────────────────│ 01. Not used │ │ Current hard disk : 1 │ 02. Not used │ │ │ 03. Not used │ │ Change Part┌───────────── ATTENTION ──────────────┐sed │ │ View Partit│ It is recommended that the disk │sed │ │ Write Parti│ was backed up before proceeding !!! │sed │ │ Change curr│ Continue ? │sed │ │ ─────────────│ No YES │sed │ │ CODE PART└──────────────────────────────────────┘sed │ │ dEcode Partition │ 10. Not used │ │ ─────────────────────────────│ 11. Not used │ │ Save table to Floppy │ 12. Not used │ │ Restore table from Floppy │ 13. ACSA DOS Active │ └──────────────────────────────│ 14. ACSA Read/Write │ ╚════════════════│ 15. Not used │ │ 16. Not used │ └───────────────────────────────────┘ Fig. 22 We recommend to backup the partition before encoding. In this case you can restore it if PC crashes during encryption (power supply failure, unsupported controller type and other reasons). ACSA keeps the internal backup of each track of the hard disk during encryption. If power supply crashes during encoding, ACSA has ability to find un-finished track and resume encryption. - 28 - ╔═════════════════════════════════════════════════════════════════════════╗ │ Set display PARTITION MENU Transfer files Uninstall Exit │ ╚═════════════════════════════════════════════════════════════════════════╝ ┌───────── CODE Partition ──────────┐ ┌──────────────────────────────│ 01. Not used │ │ Current hard disk : 1 │ 02. Not used │ │ │ 03. Not used │ │ Change Parti┌───────────── WARNING ──────────────┐used │ │ View Partiti│ Estimated time for this operation │used │ │ Write Partit│ is 00:00:42 │used │ │ Change curre│ Continue ? │used │ │ ──────────────│ No YES │used │ │ CODE PARTI└────────────────────────────────────┘used │ │ dEcode Partition │ 10. Not used │ │ ─────────────────────────────│ 11. Not used │ │ Save table to Floppy │ 12. Not used │ │ Restore table from Floppy │ 13. ACSA DOS Active │ └──────────────────────────────│ 14. ACSA Read/Write │ ╚════════════════│ 15. Not used │ │ 16. Not used │ └───────────────────────────────────┘ Fig. 23 ACSA always shows an estimated time for encoding. Therefore you may perform the encryption at any time convinient for you. - 29 - ╔═════════════════════════════════════════════════════════════════════════╗ │ Set display PARTITION MENU Transfer files Uninstall Exit │ ╚═════════════════════════════════════════════════════════════════════════╝ ┌───────── CODE Partition ──────────┐ ┌──────────────────────────────│ 01. Not used │ │ Current hard disk : 1 │ 02. Not used │ │ │ 03. Not used │ │ Change Partition │ 04. Not used │ │ View Partition table │ 05. Not used │ │ Write Partition table │ 06. Not used │ │ Change current Disk │ 07. Not used │ │ ─────────────────────────────│ 08. Not used │ │ CODE PARTITION │ 09. Not used │ │ dEcode Partition │ 10. Not used │ │ ─────────────────────────────│ 11. Not used │ │ Save table to Floppy │ 12. Not used │ │ Restore table from Floppy │ 13. ACSA CODE DOS Active │ └──────────────────────────────│ 14. ACSA Read/Write │ ╚════════════════│ 15. Not used │ │ 16. Not used │ └───────────────────────────────────┘ Fig. 24 After the successful encryption, the word "CODE" appears in ACSA Partition Manager. If process is not finished, the word "CONT" (to be CONTinued) appears instead. The functiom "DECODE PARTITION" performes the reverse actions of the function "CODE PARTITION" - 30 - RECOVERY AFTER DAMAGE ACSA system checks its integrity every time your computer loads the operating system. If you believe that your computer got infection into Partition Table or Partition Table was corrupted, please run ACSA Setup program for Data Recovery. ╔═════════════════════════════════════════════════════════════════════════╗ │ SET DISPLAY Partition menu Transfer files RECOVER Exit │ ╚═════════════════════════════════════════════════════════════════════════╝ ╔═══════════════════════════════════════╗ │ │ │ ACSA │ │ ACcesS Authorization system │ │ Version 1.05 │ │ │ │ Copyright (c) 1991-1994 by │ │ Data Rescue Services. │ │ All Rights Reserved │ │ │ │ Setup Program │ │ 19-Jul-1994 │ ╚═══════════════════════════════════════╝ Fig 25. RECOVER function can restore Master Boot Record and it has several functions. - 31 - ╔═════════════════════════════════════════════════════════════════════════╗ │ Set display Partition menu Transfer files RECOVER Exit │ ╚═════════════════════════════════════════════════════════════════════════╝ ╔═══════════════════════════════════════╗ │ │ │┌─────────────────────────────────────┐│ ││ Please, select recover mode ││ ││ Cancel Floppy Auto Restore Reinstall││ │└─────────────────────────────────────┘│ │ │ │ Copyright (c) 1991-1994 by │ │ Data Rescue Services. │ │ All Rights Reserved │ │ │ │ Setup Program │ │ 19-Jul-1994 │ ╚═══════════════════════════════════════╝ Fig. 26 Functions of RECOVER: FLOPPY - allows to recover MASTER BOOT RECORD from its backup copy stored on floppy disk (ó αÑª¿¼Ñ SAVE TABLE TO FLOPPY); (after function Save Table on Floppy); AUTO - allows to recover MASTER BOOT RECORD automatically, but only if Partition Table is not damaged; RESTORE - restores the original state of hard disk before ACSA installation. Restore function asks for master password (computer name). REINSTALL - Run PREPARE without any check out. - 32 - ╔═════════════════════════════════════════════════════════════════════════╗ │ Set display Partition menu Transfer files Recover Exit │ ╚═════════════════════════════════════════════════════════════════════════╝ ╔═══════════════════════════════════════╗ │ │ │ ACSA │ │ ACcesS Authorization system │ │ ┌──────────────────────────────┐ │ │ │ Recover system is completed │ │ │ └──────────────────────────────┘ │ │ │ │ Copyright (c) 1991-1994 by │ │ Data Rescue Services. │ │ All Rights Reserved │ │ │ │ Setup Program │ │ 19-Jul-1994 │ ╚═══════════════════════════════════════╝ Fig. 27 Upon successful recovery you will see the message displayed at Fig. 27 - 33 - PREPARATION of SYSTEM FLOPPY DISK. Format a regular system diskette, for instanse: format a: /s This diskette will let you boot your computer and run ACSA. In order to run ACSA: 1. Copy the following files on floppy disk: ACSA.SYS - main system driver ACMD.EXE - main ACSA command processor 2. Create CONFIG.SYS with line: device = acsa.sys; 3. Create AUTOEXEC.BAT with line: acmd login 4. If you use DOS 4.0+ copy SHARE.EXE from your DOS to diskette. 5. If you wish, you may copy other ACSA files for your convience. - 34 - PART2. ACSA (Access Authorization) Software System. Basic ideas and features. ACSA offers a comprehensive toolbox for PC protection against unauthorized access: - UNIX security on PC - prevention of program's piracy - limit disk space per user - encryption and decryption of files in real-time - virus "vaccination" - prevent, don't just detect viruses ACSA (ACcesS Authorization system) - 35 - ACSA emulates UNIX security on PC compatible computers and gives several additional security features necessary for PC (limitation of access to floppies, encryption and some others). ACSA offers a principally new approach for virus-protection. ACSA can: - protect of COM, EXE, BAT and any other files and BOOT-record against any modification; - make subdirectories invisible for certain users - restrict access to any files (read/write, read only, execute only, no access) - limit a space for each user (no more junk files and big games at working hours!) - protect hard disk against attempts to access it booting from floppy diskette. - 36 - BASIC IDEAS and CONCEPTS of ACSA. ACSA emulates UNIX security for PC based machines. What does it mean ? The main concept of protection is mutual security of both the system and the data stored in it. Therefore ACSA concentrates its security features at the following two levels: - System level security. ACSA restricts access to the system to only authorized users through a login/user scheme (login/logout in UNIX) - File (sub-directory) level security. ACSA provides privacy for stored data through file access permission scheme. ACSA implements system level security through its login/user procedure. Before granting access to the system, ACSA requests a user name from a prospective user, then checks the reply against the list of authorized user names. ACSA grants access to the system only if the name is found in the list. In addition ACSA provides an extra measure of security by allowing each user to have a password associated with user's name. Users names, passwords and access rights are maintained by system administrator. System administrator has full access rights. ACSA implements a second level of security to protect a user's file against unauthorized access by other users of the system. Each file and directory in ACSA system has exactly one userwho is the OWNER of the file. The owner is typically the user who originally created the file. Each file has also a group owner, which is one of the user's groups on the system. In addition to information about the file's ownership, a set of file access permissions is maintained for each file and sub-directory. These permissions determine which users may access the file and what kinds of file access will be permitted. - 37 - The following three types of file access can be granted or debied: - READ ACCESS allows examination of a file's contents. The file may be displayed on a terminal, copied, compiled, etc. if a user has read access to it. - WRITE ACCESS allows both modifying a file's contents and adding information into file. The file may be alerted or deleted if a user has write access to it. - EXECUTE ACCESS allows execution of a file as a program. Each of these three types of file access may be selectevely granted or denied to the following three classes of users: - The OWNER of the file - Uses in the GROUP owner of the file - OTHER users of the system ┌───────────────────────────────────────────────────────────────────┐ │ ┌─────────────────────────┐ │ │ │ group │ others │ │ │ ┌─────┐ ┌─────┐ ┌─────┐ │ ┌─────┐ ┌─────┐ ┌─────┐ │ │ │ │owner│ │user │ │user │ │ │user │ │user │ │user │ │ │ │ └──┬──┘ └─────┘ └─────┘ │ └──┬──┘ └─────┘ └─────┘ │ │ └────┼─────────────┬──────┘ │ others rights │ │ owner │ group │ -write │ -write │ │ rights│ rights│ -read │ -read │ │ -write│ │ -execute │ -execute │ │ -read └───────────┐ │ ┌────────────┘ │ │ -execute │ │ │ │ │ ┌───┴─┴──┴──────┐ FILE │ │ └─MYFILE.TXT────┘ │ └───────────────────────────────────────────────────────────────────┘ Fig. 28 Examples: A) text.txt w-- means: Me, as owner, WRITE access and NO access to others B) project.prj wr- means: Me, as owner, WRITE access, READ/ONLY access to the members of my group and NO ACEESS to others C) my_prog.com rrx means: READ/ONLY ACCESS to me and to my group and EXECUTE only access to others. File may not have an owner. In this case any user can access it without security limitations. By convention, the super-user is given the user name "root". As the name implies, the super-user owns the root directory. Protection of the super-user password, especially main password ("computer name") is the most critical link in preventing ACSA security and integrity. Any new created files get the following attributes: WRITE for owner NO ACCESS to others (w--) Access scheme may be modified by ACSA command AMOD. - 38 - MANAGING of USERS All information about all users and their rights is srored in the file ACSA.DIR, which is alerted by ADM command. ACSA.DIR should have attributes: root 1 w-- ╔══════════════════════════════════════════════════════════════════╗ ║ ║ ║ The ACSA Administrator ║ ║ ║ ║ N User name Group Home directory Comment ║ ║ ║ ║ 1 root 1 C:\ Super user ║ ║ 2 boot C:\ Initial user ║ ║ 3 disk 1 C:\ Disk service ║ ║ 4 demo 2 C:\ Demo user ║ ║ 5 test 3 C:\ Test user ║ ║ ║ ║ ║ ║ ║ ║ ║ ║ ║ ║ ║ ║ Enter - Change Ins - Add + - Copy Del - Delete Esc - Exit ║ ╚══════════════════════════════════════════════════════════════════╝ Fig. 29 This picture shows the main menu of ADM command. It consitst of several lines describing authorized users of ACSA. Using arrows keys you (system administrator) may choose a user. Pressing "Enter" key will activate another menu for correction of user rights. "Del" key - deletes selected user from the list "+" key - creates a clone of a currently selected user. Using "+" key you may create several users with identical access rights. "Ins" key - also creates a new user, but you will have to specify all the parameters by yourself. - 39 - ╔════════════════════════════════════════════════════════════════════╗ ║ ╔═════════════════════════════════════════════════════╗ ║ ║ ║ ║ ║ ║ ║ UPDATE RECORD ║ ║ ║ User║ ║ ║ ║ ║ User name : demo ║ ║ ║ ║ Number : 4 ║ ║ ║ root║ Password : ║ ║ ║ boot║ Group : 2 ║ ║ ║ disk║ Status Auto : No No Yes ║ ║ ║ demo║ Boss : No No Yes ║ ║ ║ test║ Read : No No Yes ║ ║ ║ ║ Write : No No Yes ║ ║ ║ ║ Wroot : No No Yes ║ ║ ║ ║ Directory : C:\ ║ ║ ║ ║ Space (Kb) : ║ ║ ║ ║ Comment : Demo user ║ ║ ║ ║ ║ ║ ║ ║F2 Show F3 Manual F10 Save Enter Accept Esc Exit ║ ║ ║ ╚═════════════════════════════════════════════════════╝ ║ ║ Enter - Change Ins - Add + - Copy Del - Delete Esc - Exit ║ ╚════════════════════════════════════════════════════════════════════╝ Fig. 30 The picture Fig. 30 displayes the user management menu. Here you can change user's name (User name), user's password (Password), user's group (Group), "automatic registration" attribute (Status Auto), "group supervisor" attribute (Boss), the ability to read sectors directly (Read), the ability to write into sectors directly (Write), the ability to create files in root directory (Wroot), the name of the working directory (Directory), the maximum available space for user (Space) and any comment (Comment) Pressing F2 key shows the user's password on the screen. If you press F2 key one more time - user's password will be hidden. Pressing F3 key allows to correct group's number and user's number manually. ACSA manages this information automatically when new users are created. Pressing F10 key saves the current state of user The information below explains the meaning of all fields. - 40 - User name (1-8 symbols) - user's registration name. User types this name as the login; Number (number within 1-63) - a unique internal number assigned to any user by ACSA; Password (0-16 sysmbols) - user's password; Group (number within 0-255) - group's number, where user is assigned. The group with a number 1 is reserved for SYSTEM ADMINISTRATOR. If user does not have a group or group number is 0 - group access is denied. Status: Floppy Access (Full Access/Read Only/No floppies) - shows the possible access rights to floppies. Auto (Yes/No) User with Auto-Yes attribute has a privilige skip entering his name in LOGIN or USER commands. ACSA will grant him name automatically. If several users have this attribute, they will be distiniguished by passwords. Boss (Yes/No) User with Boss-Yes attribute may read all files of the group where he is boss. Besides that, he may change access attributes and user's rights for any files in his group. For example, let's consider 3 users: Real Name ACSA Name Group John Doe jdoe 3 Boss Jack Crosby jcrosby 3 Linda Wong lwong 3 If we have the following file mattrix: ACSA DIR root 1 w-- ...A XDIR EXE root 1 rrx .... AAA jdoe 3 +w-- ...A DOC TXT jdoe 3 +w-- .... CHOW TXT jdoe 3 +rrx .... CHMO TXT jcrosby 3 rrx .... AUTO DOC jrosby 3 wrr ...A CONF DBF lwong 3 w-- ...A - 41 - File CONF.DBF belongs to user "lwong". She has WRITE permission for herself and NO permission for any other users. However "lwong" belongs to group number 3, where user "jdoe" is boss. User "jdoe" may access CONF.DBF and he may re-assign owner of the file and file permission scheme. Read (Yes/No) This option allows user to read sectors on the hard disk directly (using DOS Int 25h and Int 13h). ACSA disables this option by default. Users who have Read-Yes attribute may read any sectors on the hard disk using a variety of disk utilities (Norton Utilities, PC Shell, etc.) Write (Yes/No) This option allows user to read sectors on the hard disk and to MODIFY sectors on the hard disk. ACSA disables this option by default. Users who have Write-Yes attribute may modify any sectors on the hard disk using disk utilities (Norton Utilities, PC Shell, etc.). This option should not be granted to many users, because: a) ACSA loses it's anti-viruses features. b) User may tamper a vital sector for operating system (Partition Table, for instanse) which may cause system failure. Wroot (Yes/No) This option allows user to create any files or sub-directories in root directory of the hard disk. ACSA disables this option by default. Directory Contains the name of subdirectory where user will be logged in. Format: [d:]path; Example: c:\users\john; ~~~~~~~ Space (Kb) Maximum working space allowed for user. This should be a number in Kilobytes (Kb) within 1 - 999999). A total summary of all files lenghts of user cannot exceed this number. If this number is missing or equals zero, user's disk space is unlimited. Please pay special attention while assigning this number. Users may need more space for the work than you can expect. Example: 2500 ~~~~~~~ Comment ACSA does not analyse this text. This text may be useful just for system administrator. Example: Warning! Never give JOE HACKOR "Write" permission! ~~~~~~~ The file ACSA.DIR should be changed only with ADM command. Don't tamper with ACSA.DIR file by any other editors or utilities. - 42 - THE DESCRIPTION OF ACSA COMMANDS This part of the manual is dedicated to the descriptiopn of ACSA batch commands. Plesase, pay your attention that ACSA system also contains ACSA Shell, which is an integrated shell for navigation of files and ACSA security attributes. 1. CHMOD - Setting of access perimssions CHMOD command has two variations: Variation 1. CHMOD ugo [/r] [/s] filespec where: u - access mode for owner of file; g - access mode for owner's group; o - access mode for others; access modes can be : w - write/read/execute; r - read only; x - execute only; - - no acess Optional switches: /r - include subsirectories in CHMOD recursive process; (see examples below) /s - replace the previous owner and group with current owner and group. filespec - [d:] [path] filename You may easily use wildcards for the filenames - 43 - ACSA can grant CHMOD commands only for those files, which owner is the current user. It means that you cannot change files which have other owner. System administrator can change security mode for all files. Boss of the group may change security attributes for any files in his group. Variation 2. CHMOD status [/r] [/s] filespec where : status - two symbols specified together without blanks: first symbol sets the user type of acess: u - user himself g - user's group o - other users a - all possible users (u+g+o) second symbol determines the access mode: w - write/read/execute; r - read only; x - execute only; - - no acess - 44 - EXAMPLES of CHMOD ~~~~~~~~~~~~~~~~~ 1. CHMOD wr- myfile.dbf It means that for file MYFILE.DBF, located in current directory the following security modes will be set: owner of file - Write permission owner's group - Read Only permission all other users - No access 2. CHMOD wr- *.* For all files in located in current directory the following security modes will be set: owner of file - Write permission owner's group - Read Only permission all other users - No access 3. CHMOD wr- /r /s c:\bigdir\*.* For all files in sub-directory BIGDIR and lower level subdirectories the following security modes will be set: owner of file - Write permission owner's group - Read Only permission all other users - No access Besides that for all specified files, the previously assigned owner and group will be replaced with current owner and group. 4. CHMOD x-- /r \bdir\*.exe For all files with *.EXE extension located in sub-directory BDIR and lower level subdirectories the following security modes will be set: owner of file - Execute permission owner's group - No access all other users - No access This is a very good anti-virus protection. 5. CHMOD uw imp.dat For the file IMP.DAT Write permission will be set for owner. Security modes for all other users will not be changed. 6. CHMOD ar \comdir All users (owner, owner's group and all other users) will not be able to create new files in subdirectory \COMDIR. (We assume that \COMDIR is a sub-directory's name) 7. CHMOD ar \comdir\*.* All users will not be able to modify/delete files from \COMDIR sub-directory. This command is equal to: CHMOD rrr \comdir\*.* - 45 - LOGIN - ACSA login procedure. ACSA command LOGIN (LOGIN.BAT or ACMD LOGIN) is command neccessary for log in. In DOS session LOGIN may be accompanied with potential user's name, which will save some time. Upon execution LOGIN replaces current user and group with new user (and his group) specified in LOGIN. LOGIN also changes to user's working sub-directory (Specified as DIRECTORY in ADM). If LOGIN finds PROFILE.BAT in user's working sub-directory - it executes profile. ┌─────────┐ │MS-DOS is│ │loading │ └┬────────┘ ┌┴────────┐ │ACSA is │ │activated│ └┬────────┘ ┌┴───────┐ │Login is│ │executed│<─────────────┐ └┬───────┘ │ ┌┴─────────────────┐ │ │Is user id/ │ NO─┘ │password correct ?│ └┬─────────────────┘ ┌┴───────────────────┐ │Does user's working │ │directory exist ? │NO────────────┐ └┼───────────────────┘ │ ┌┴───────────────────────────┐ │ │Does user's PROFILE.BAT │NO────┤ │in user's directory exist ?│ │ └┬───────────────────────────┘ │ ┌┴──────────────────────────┐ │ │ Execute PROFILE.BAT ├────> EXIT to DOS └───────────────────────────┘ Fig. 31 - 46 - USER - Change current user ACSA command USER (USER.BAT or ACMD USER) is command neccessary to change current user id and his security rights without re-booting MS-DOS. In DOS session USER may be accompanied with potential user's name, which will save some time. Upon execution USER replaces current user and group with new user (and his group) specified in USER. LOGIN neither changes to user's working sub-directory (Specified as DIRECTORY in ADM) nor excutes PROFILE.BAT. Therefore the current DOS settings (PATH, PROMPT, TSRs and so on) will be unchanged. - 47- WHO - Showing current User ID, Group ID, and current access modes. WHO WHO (WHO.EXE) displayes current user's id, group's id, security access modes and access attributes which will be set for newly created files. Example: ~~~~~~~~ bgeldof 2 W-- Read Wroot User's name: bgeldof User's group: 2 Newly created files will have WRITE permission for "bgeldof" and no access for others. Besides that, "bgeldof" has ability to READ any sectors on the hard disk directly and create new files (or/and sub-directories) in root directory. - 48 - AMOD - Set default access attributes for newly created files - Command AMOD has two variations: Variation 1. AMOD ugo filespec where: u - access mode for owner of file; g - access mode for owner's group; o - access mode for others; access modes can be : w - write/read/execute; r - read only; x - execute only; - - no acess The default security mode is w-- Example: ~~~~~~~ AMOD wr- Which means WRITE for owner, READ ONLY for owner's group and no access to others. Variation 2. AMOD sets access attributes which will be set for newly created files with extensions specified. AMOD Func [Extension ugo [User]] Where : func - { Add | Clear | Del | List } "Add" or "A" - add new extensions and file attributes to the list. You can add up to 8 elements. If you specify ADD function, you also have to specify EXTENSION list and SECURITY modes (ugo) parameters "Clear" or "C" - clears list of administrator and sets permission W-- (by default). Extension list and security modes are not required. "Del" or "D" - delets user's list and sets permission W-- (by default). Extension list and security modes are not required. "List" or "L" - shows the entire list. Extension list and security modes are not required. extension - extension of file names (Examples: COM, EXE, DBF) ugo - security modes (see above) User - user's name - 49 - EXAMPLES of AMOD AMOD add com rrr * After this command all newly created fiels with COM-extension will be available for all types of users as READ/ONLY files. Files with all other extensions will have AMOD default security mask, which is w--. AMOD add exe rrr This command will add also all EXE files to the previous set. AMOD list Prints the entire list of files' extensions and corresponding security masks. AMOD del Deletes the entire list and resets the AMOD to default mask (w--) - 50 - PASSWD - Changing user's password Passwd (PASSWD.BAT or ACMD PASSWD) changes the password of specified user. Without any parameters it will change the current user's password. - 51 - PECULIARITIES OF RUNNING DOS under ACSA ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ACSA offers an absolutely new approach for security under DOS. DOS was designed as an open system, which means that all files are accessible for all PC user and all PC applications. DOS Read-Only, System or Hidden attribtes are not used widely. ACSA sets WRITE/READ-ONLY/EXECUTE ONLY attributes for all files. Besides ACSA disables/enables other vital functions for DOS (direct read, for instance). ACSA pretty much "closes" a computer. Such concept may require certain attention, experience or skills from user. For example, DOS command DELETE is executed if file has WRITE permission, regardless permission access to directory. DOS command RENAME is executed ONLY if a file and subdirectory, where it's located, have WRITE permission. New subdirectories can be created only if parent directory has write permission. DOS command CD (CHDIR) is executed if sub-directory has at least READ-ONLY permission. If ACSA is installed on computer but ACSA.SYS has not executed (ACSA.SYS is corrupted or not accessible) - hard disk becomes write-protected and floppy drives are disabled. For DOS 6+ USERS ~~~~~~~~~~~~~~~~ For security purposes, you can prevent yourself or others from bypassing startup commands (Keys F5 or F8 upon DOS boot up) when your computer starts. To do this, add the SWITCHES /N command as the first command to your CONFIG.SYS file. For more inforamtion, type HELP SWITCHES at the command prompt. Data Rescue Services strongly recommends placing this command AFTER successful installation of ACSA. Do NOT use this command during first time ACSA installation. Make sure ACSA starts properly. As soon as ACSA.SYS is executed, ACSA creates a user with name "boot". You give to grant permission rights to this user to all software packages (device drivers, TSRs,) executed prior to LOGIN. ACSA locks certain keys on keyboard prior to LOGIN. Therefore any user-interacted software packages should be loaded AFTER execution of LOGIN. Many software packages, for example ALL Windows applications, AutoCAD, FoxPro and others create auxilary files and/or subdirectories where they place special files. After the successful shutdown of those software packages, the temporary files are usually deleted. Please grant permission access to those files. Keeping this in mind, you must pay very special attention when setting access permission to files in off-the-shelf software packages. Many modern sophisticated software packages trend to make channges in CONFIG.SYS and AUTOEXEC.BAT prior to ACSA commands. Another type software packages optimize computer memory in peculiar way (QEMM, Memmaker, IBM Ramboost). Execution of such software packages may be incompatible with ACSA or may require very special attention from user. Due to the ideas of ACSA and diversity of hardware/software currently available, Data Rescue Services cannot endorse any compatibility with specific products. ACSA is designed as security system NOT as DOS utility. Please think twice when assigning new security attributes to files and sub-directories. - 52 - The ACSA.LOG file ~~~~~~~~~~~~~~~~~~~ The ACSA.LOG file contains a log of execution ACSA commands. This may be useful for system administrator to keep track of user activities. Activation of log takes place by indicating the keywords /a or /l or /m or /p in CONFIG.SYS in line device = c:\acsa\acsa.sys The ACSA.CFG file. ~~~~~~~~~~~~~~~~~~ ACSA.CFG contains list of filenames, file extensions and security masks when designated files are created on the hard disk. FIle ACSA.CFG may hold up to 16 sentenses in format: <filename> <access mode> <filename> start at a first position, then space, then three letters for access mode. Example: ~~~~~~~ config.sys w-- autoexec.bat wrr treeinfo.ncd www - 53 - SWITCHES USED WITH ACSA.SYS ACSA.SYS file may be activated with following keywords: /B do not copy MBR from high memory to low memory /C user "boot" is granted "WRITE" permission (Direct Write on Hard Disk) /driverof turns off the driver /E:nn maximum number of lines in ACSA.CFG. The default is 16. This number may vary from 0 to 64 /F ACSA will not emulate Fastopen (Several programs, for example STACKER, require it) /L keep log of LOGIN and USER commands /M keep log of ADM command /O:nn maximum number of lines in AMOD list. (See AMOD for details). The default is 8. This number may vary from 0 to 64 /P keep log of PASSWD command /S:nnnnn maximum sector size on the hard disk. The default is 512. The possible values are 512-1024-2048-4096 /T ACSA will let any user to create temporary files in any subdirectory. /U:nn Maximum numbers of ACSA users. The default is 16. This number may vary from 8 to 63 /W recommended in the event of possible delay of execution of AC, LOGIN, USER or PASSWD commands on some PC/AT machines. /A equal of indicating /L /P /M at the same time - 54 - STARTING OF ACTIVITIES. The major element of ACSA is DOS setup. ACSA.SYS is ACSA driver which controls access for hard disk using ACSA security attributes. Default ACSA.DIR file contains the following information: 1 root 1 C:\ Super user 2 boot C:\ Initial user 3 disk 1 C:\ Disk service 4 demo 2 C:\ Demo user 5 test 3 C:\ Test user Name "root" is reserved for the owner of root directory and files ACSA.DIR, ACSA.LOG. User "root" is SYSTEM ADMINISTRATOR. User "boot" is current user before LOGIN. User "disk" is reserved for direct access for ALL system resources. ACSA does not control ANY activities of user "disk". Data Rescue Services recommend to use this name only for limited number of operations. Shortly after ACSA installation, Data Rescue Services recommend: - Set password command for users "root" and "disk" - Run ASTART.BAT for all logical hard disks. Example: astart c: astart f: ASTART.BAT will set the following ACSA attributes: ------------------------------------------------------- Filename : Owner : Group : Access mode ------------------------------------------------------- \AUTOEXEC.BAT root 1 wrr \COMMAND.COM root 1 rrr \CONFIG.SYS root 1 w-- \IBMBIO.COM root 1 rrr \IBMDOS.COM root 1 rrr \IO.SYS root 1 rrr \MSDOS.SYS root 1 rrr \ACSA root 1 wrr \ACSA\ACSA.CFG root 1 w-- \ACSA\ACSA.DIR root 1 w-- \ACSA\*.BAT root 1 wrr \ACSA\*.DOC root 1 rrr \ACSA\*.INI root 1 www \ACSA\ACSA.SYS root 1 --- \ACSA\*.EXE root 1 rrr \*.ncd root 1 www \*.ini root 1 www ---------------------------------------------------- Fig. 32 - 55 - You may specify general purpose directories for ASTART command as well. In this case the following security attributes will be set. - files *.BAT: root 1 wrr - files *.INI, *.MNU: root 1 www - other files : root 1 rrr For instance, for subdirectories DOS, UT, NU located on C: the command may be executed like this: astart c: dos util nc Data Rescue Services would like some additional recommendations (also see: PECULIARITIES OF RUNNING DOS under ACSA at page. 51) - All directories should have access mode WWW - All EXE, COM, OVL, BIN files should have extension RRR - All other application files may have extension WWW - All user created files (documents, programs, databases, spreadsheets, etc) should have security mode required for security purposes. - Several software packages have internal resources or configuration schemes (We believe most files bigger than 200 Kb have them). Such packages requre Write permission for EXE and OVL files. - Several disk utilities and most disk-cashing programs requre Direct Write Access for the hard disk. User with such privilege may voluntary or involuntary change any sector on the hard disk. It is very dangerous to grant this permission for everybody. When properly installed and maintained ACSA reamins hacker-proof very reliable security, which prevents any attempts to unauthorized access for PC. ACSA offers a very comprehensive toolkit for Hard Disk protection including disk and memory encryption. For last several years no one was able to hack ACSA. Part 3. ACSA (ACcesS Authorization) Software System ACSA Shell (c) Copyright Data Rescue Services 1993-1994 All rights reserved - 57 - AC - ACSA Shell - a special service program which allows easy and flexible tools for user to manipulate files and ACSA security atttributes. To run program press AC (for short module AC.EXE) or ACMAIN (for main module ACAMIN.EXE). The main module is required for AC.EXE as well. ACSA Shell may copy, delete, move, view, edit files and change all possible ACSA modes described in the part 2 of this manual. ACSA Shell may copy, compare, create, delete and rename directories. Besides that it can show directory tree and change security modes for directories. ACSA Shell is very easy to learn and use, because it comprehends the best features from famous file shells. The picture below shows the ACSA Shell main screen. ╔═══════════════ D:\BIN ═══════════════╗╔════════════════ Info ════════11:09:07 │ Name │ User │Grp│Mode│ Size ││ The ACSA Shell, Version 1.05 1994 │ │.. │ │ │ │>UP--DIR<││ (C) Data Rescue Services 1993-1994 │ │datar gif│demo │7 │ WRR│ 24421│╟──────────────────────────────────────╢ │policeme txt│demo │7 │ WRR│ 1828││ 655.360 Bytes Memory │ │eoecee pcx│demo │7 │ WRR│ 30575││ 529.808 Bytes Free │ │ufk2 txt│demo │7 │ WRR│ 1813││ 81.821.440 total bytes on drive D: │ │asiprint com│demo │7 │ RRR│ 2048││ 41.329.152 bytes free on drive D: │ │asiview com│demo │7 │ RRR│ 16384││ 14 files use 344.064 bytes in │ │ufm com│demo │7 │ RRR│ 20992││ D:\BIN │ │ufm pcx│demo │7 │ WRR│ 21614│╟──────────────────────────────────────╢ │ufm asd│demo │7 │ WRR│ 256││ │ │ufm aso│demo │7 │ WRR│ 84480││ │ │ufm asx│demo │7 │ WRR│ 107872││ │ │astasi com│demo │7 │ RRR│ 13312││ │ │read me │demo │7 │ WRR│ 9918││ │ │ │ │ │ │ ││ │ ╟────────────┴──────┴───┴────┴─────────╢│ │ │.. >UP--DIR<││ │ ╚══════ Who: demo 7 WRR Read ══════╝╚══════════════════════════════════════╝ D:\BIN> 2Mode 3View 4Edit 5Copy 6RenMov 7Mkdir 8Delete 9Menu 10Quit Fig. 33 - 58 - The last line in the screen shows the function keys: -- F2 -- Mode Change security mode for files/dirs (CHMOD) -- F3 -- View Activate EXTERNAL viewer -- F4 -- Edit Activate EXTERNAL editor -- F5 -- Copy Copy file(s) -- F6 -- RenMov Move or rename file(s) -- F7 -- MkDir Create a new sub-surectory -- F8 -- Delete Delete file(s) -- F9 -- PullDn Activate top pull-down menu -- F10 -- Quit Quits ACSA Shell The "Ins" key can be used for selection of the files. Arrows keys and PgUp and PgDn keys are used for scrolling. Alt-Blank - places the current subdirectory in the command string Alt-Shift-üπ¬óá - fast disk change for active panel. Ctrl-Enter - places the highlighted file in the command line. Ctrl-Blank - places the full name into the command line. Shift-Enter - fast executution of program. ACMAIN stays in RAM ¼«ñπ½∩ ACMAIN). Shift-Del - toggles Insert/Overwrite mode in command line . Shift-Up - shows the previous command line Shift-Dn - show the next command line. Ctrl-Home - places cursor in the beginning of command line Ctrl-End - places cursor in the end of command line. Ctrl- -> ¿ Ctrl- <- skips words in command line. Ctrl-Back Space - clears the command line. Tab - toggles file panels. Shift-Tab - changes disk in active panel. Pressing ESC key may cause one of the following: - If Global mode is turned on or File Find command is being executed - pressing ESC key will terminate File Find or Global mode - If DOS command line has any characters - they will be cleared - Otherwise, ACSA will respond as specified in Option menu (ESC keys action) - 59 - The following example shows using CHMOD function built in ACSA Shell. Let's take file ADM1.TXT as an example (Fig. 34). It's shown in capitals and underscored. Pressing F2 key activate field CHMOD, containing text WRR. Changing mode is performed by entering any valid characters (W,R,X or - ) in CHMOD field and pressing ENTER. System ADMINISTRATOR can also change the owner of any file. (USER field) In order to do so system ADMINISTRATOR has to press TAB key. ╔═══════════════ D:\BIN ═══════════════╗╔════════════════ Info ════════11:09:07 │ Name │ User │Grp│Mode│ Size ││ The ACSA Shell, Version 1.05 1994 │ │.. │ │ │ │>UP--DIR<││ (C) Data Rescue Services 1993-1994 │ │ac1 txt│demo │7 │ WRR│ 2050│╟──────────────────────────────────────╢ │adm1 pcx│demo │7 │ WRR│ 24421││ 655.360 Bytes Memory │ │ADM1_____TXT│DEMO__│7__│_WRR│_____1828││ 529.808 Bytes Free │ │adm2 pcx│demo │7 │ WRR│ 30575││ 81.821.440 total bytes on drive D: │ │adm2 txt│demo │7 │ WRR│ 1813││ 41.329.152 bytes free on drive D: │ │asiprint com│demo │7 │ RRR│ 2048││ 14 files use 344.064 bytes in │ │asiview com│demo │7 │ RRR│ 16384││ D:\BIN │ │ufm com│demo │7 │ RRR│ 20992│╟──────────────────────────────────────╢ │ufm pcx│demo │7 │ WRR│ 21614││ │ │ufm asd│demo │7 │ WRR│ 256││ │ │ufm aso│demo │7 │ WRR│ 84480││ │ │ufm asx│demo │7 │ WRR│ 107872││ │ │astasi com│demo │7 │ RRR│ 13312││ │ │read me │demo │7 │ WRR│ 9918││ │ │ │ │ │ │ ││ │ │ │ │ │ │ ││ │ │ │ │ │ │ ││ │ ╟────────────┴──────┴───┴────┴─────────╢│ │ │ac1.txt demo 7 WRR 2050││ │ ╚══════ Who: demo 7 WRR Read ══════╝╚══════════════════════════════════════╝ D:\BIN> 2Mode 3View 4Edit 5Copy 6RenMov 7Mkdir 8Delete 9Menu 10Quit Fig. 34 - 60 - Changing security modes for several files is performed in similar way. The only difference is new CHMOD panel activated by F2 (displayed in the fig. 35) where you have to enter new security mode ╔═══════════════ D:\BIN ═══════════════╗╔════════════════ Info ════════11:12:05 │ Name │ User │Grp│Mode│ Size ││ The ACSA Shell, Version 1.05 │ │.. │ │ │ │>UP--DIR<││(C) Data Rescue Services 1993-94 │ │ac1______txt│demo__│7__│_WRR│_____2050│╟──────────────────────────────────────╢ │adm1 pcx│demo │7 │ WRR│ 24421││ 655.360 Bytes Memory │ │adm1_____txt│demo__│7__│_WRR│_____1828││ 429.808 Bytes Free │ │adm2_____pcx│demo__│7__│_WRR│____30575││ 21.821.440 total bytes on drive D: │ │adm2 txt│demo │7 ┌──────────── Modes ────────────┐tes free on drive D: │ │asiprint com│demo │7 │ User Mode │e 348.160 bytes in │ │asiview com│demo │7 │ root W-- │ D:\BIN │ │ufm com│demo │7 │ V History ESC cancel │───────────────────────╢ │ufm pcx│demo │7 └───────────────────────────────┘ │ │ufm asd│demo │7 │ WRR│ 256││ │ │ufm aso│demo │7 │ WRR│ 84480││ │ │ufm asx│demo │7 │ WRR│ 107872││ │ │astasi com│demo │7 │ RRR│ 13312││ │ │read me │demo │7 │ WRR│ 9918││ │ │ │ │ │ │ ││ │ │ │ │ │ │ ││ │ │ │ │ │ │ ││ │ ╟────────────┴──────┴───┴────┴─────────╢│ │ │ 60.687 (63.488) bytes in 3 files ││ │ ╚══════ Who: demo 7 WRR Read ══════╝╚══════════════════════════════════════╝ D:\BIN> 2Mode 3View 4Edit 5Copy 6RenMov 7Mkdir 8Delete 9Menu 10Quit Fig. 35 - 61 - Pressing "Gray +" key activate panel for selecting files using wildcards. You may use valid wildcards in file name, owner's code, owner's group, and security modes. Wildcard ? stands for any symbol and * stands for many symbols. You may specify several wildcards, separating them by comma. Use TAB key to choose the appropriate field. Pressing "Down Arrow" key you can select any previously entered mode. ╔═══════════════ D:\BIN ═══════════════╗╔════════════════ Info ════════ 17:13:09 │ Name │ User │Grp│Mode│ Size ││ The ACSA Shell, Version 1.05 │ │.. │ │ │ │>UP--DIR<││ (C) Data Rescue Services 1993-1994 │ │ac1 txt│demo │7 │ WRR│ 2050│╟──────────────────────────────────────╢ │adm1 pcx│demo │7 │ WRR│ 24421││ 655.360 Bytes Memory │ │adm1 txt│demo │7 │ WRR│ 1828││ 429.808 Bytes Free │ │adm2 pcx│demo │7 │ WRR│ 30575││ 21.821.440 total bytes on drive D: │ │adm2 txt┌───────────────────── Select ──────────────────────┐n drive D: │ │asiprint com│ Files User Group Mode │bytes in │ │asiview com│ pr*.c,*.asm,*.txt * * r* │ │ │ufm com│ V History ESC Cancel │─────────────╢ │ufm pcx└───────────────────────────────────────────────────┘ │ │ufm asd│demo │7 │ WRR│ 256││ │ │ufm aso│demo │7 │ WRR│ 84480││ │ │ufm asx│demo │7 │ WRR│ 107872││ │ │astasi com│demo │7 │ RRR│ 13312││ │ │read me │demo │7 │ WRR│ 9918││ │ │ │ │ │ │ ││ │ │ │ │ │ │ ││ │ │ │ │ │ │ ││ │ ╟────────────┴──────┴───┴────┴─────────╢│ │ │asiprint.com demo 7 RRR 2048││ │ ╚══════ Who: demo 7 WRR Read ══════╝╚══════════════════════════════════════╝ D:\BIN> 2Mode 3View 4Edit 5Copy 6RenMov 7Mkdir 8Delete 9Menu 10Quit Fig. 36 - 62 - CREATING USER's FILE EDITOR AND VIEWER Pressing F3 key activates ACVIEW.BAT which is used for viewing files. An user has to change ACVIEW.BAT file using his favourite file viewers. If you have WPVIEW.EXE from Norton Commander you may use it as specified in the following example of ACVIEW.BAT @echo off c:\nu\wpview.exe %1 >nul Any other file viewer can be turned on respectevely. Pressing F4 key activates ACEDIT.BAT which is used for editing files. An user has to change ACEDIT.BAT file using his favourite file viewers. If you have QEDIT.EXE you may use it as specified in the following example of ACEDIT.BAT @echo off c:\nu\qedit.exe %1 >nul Any other file editor can be turned on respectevely. - 63 - The picture Fig. 37 illustrates copying files (key F5) using ACSA Shell. The similar picture is displayed when moving/renaming files (F6), creating subdirectories (F7). The process of running of those commands is very simple, therefore everybody can find them self-explanatory. Pressing Shift-F6 gives an option renaming the file, while editing his name. ╔═══════════════ D:\BIN ═══════════════╗╔════════════════ C:\ ═════════ 17:15:46 │ Name │ User │Grp│Mode│ Size ││ Name │ User │Grp│Mode│ Size │ │.. │ │ │ │>UP--DIR<││A │demo │7 │ W--│>SUB-DIR<│ │ac1 txt│demo │7 │ WRR│ 2050││ALECV │demo │7 │ WRR│>SUB-DIR<│ │ac2 txt│demo │7 │ WRR│ 2050││ACSA │demo │7 │ WRR│>SUB-DIR<│ │ac3 txt│demo │7 │ WRR│ 2050││DOS330 │demo │7 │ WRR│>SUB-DIR<│ │ac4 txt│demo │7 │ WRR│ 2050││EVA │demo │7 │ WRR│>SUB-DIR<│ │adm1 ┌────────────────────────────── Copy ──────────────────────────────┐-DIR<│ │adm1 │ Copy "adm2.txt" to │-DIR<│ │adm2 │ C:\ │-DIR<│ │adm2 │ F10 Tree V History ESC Cancel │-DIR<│ │asipr└──────────────────────────────────────────────────────────────────┘-DIR<│ │asiview com│demo │7 │ RRR│ 16384││MOUSE │demo │7 │ WRR│>SUB-DIR<│ │ufm asd│demo │7 │ WRR│ 256││SEC │demo │7 │ W--│>SUB-DIR<│ │ufm aso│demo │7 │ WRR│ 84480││TC │demo │7 │ W-R│>SUB-DIR<│ │ufm asx│demo │7 │ WRR│ 107872││TOOLS │demo │7 │ WRR│>SUB-DIR<│ │astasi com│demo │7 │ RRR│ 13312││USER │user │20 │ WWW│>SUB-DIR<│ │read me │demo │7 │ WRR│ 9918││Frecover░idx│ │0 │ ---│ 29│ ╟────────────┴──────┴───┴────┴─────────╢╟────────────┴──────┴───┴────┴─────────╢ │adm2.txt demo 7 WRR 1813││A demo 7 W-- >SUB-DIR<│ ╚══════ Who: demo 7 WRR Read ══════╝╚══════════════════════════════════════╝ D:\BIN> 2Mode 3View 4Edit 5Copy 6RenMov 7Mkdir 8Delete 9Menu 10Quit Fig. 37 - 64 - The picture fig. 38 shows ACSA response after pressing F10 key (Tree) - copying files to specified sub-directory. The moving of files is performed in similar way. ╔═══════════════ D:\BIN ═══════════════╗╔═══════════════ C:\TC ════════ 17:59:54 │ Name │ Us╔═════════════ Choose directory ═════════════╗p│Mode│ Size │ │.. │ │ D:\ │ │ │>UP--DIR<│ │ac1 txt│dem│ ├──ARC │ │ WRR│>SUB-DIR<│ │ac2 txt│dem│ │ └──FOXPRO │ │ WRR│>SUB-DIR<│ │ac3 txt│dem│ │ ├──DOC │ │ WR-│>SUB-DIR<│ │ac4 txt│dem│ │ └──NGUIDE │ │ WR-│>SUB-DIR<│ │ac5 ┌──────────│ ├──FXPD │──────────┐-DIR<│ │adm1 │ Copy "adm│ │ └──DEMO │ │-DIR<│ │adm1 │ C:\TC │ ├──GLDOC │ │-DIR<│ │adm2 │ │ ├──GM │ │-DIR<│ │adm2 └──────────│ │ ├──BLOCKOUT │──────────┘ 419│ │asiprint com│dem│ │ ├──CDMAN │ │ WRR│ 35944│ │asiview com│dem│ │ ├──PEREST │ │ RRR│ 64228│ │ufm com│dem│ │ ├──REGBI │ │ WRR│ 170│ │ufm pcx│dem│ │ └──TOWER │ │ WR-│ 26662│ │ufm asd│dem╟────────────────────────────────────────────╢ │ WRR│ 977│ │ufm aso│dem│ D:\GLDOC │ │ WRR│ 939│ │ufm asx│dem╟────────────────────────────────────────────╢ │ WRR│ 3989│ │astasi com│dem│ TAB Change drive ESC Cancel │ │ WRR│ 3968│ ╟────────────┴───╚════════════════════════════════════════════╝─┴────┴─────────╢ │adm2.txt demo 7 WRR 1813││MK demo 7 WR- >SUB-DIR<│ ╚══════ Who: demo 7 WRR Read ══════╝╚══════════════════════════════════════╝ D:\BIN> 2Mode 3View 4Edit 5Copy 6RenMov 7Mkdir 8Delete 9Menu 10Quit Fig. 38 - 65 - Pressing F9 key activates top pull -down menu with following options: Left - shows left panel menu; Files - shows file command menu; Commands - shows ACSA commands menu; Options - shows ACSA Shell options; Right - shows right panel menu;; Those options are activated on "Left" menu Format or Ctrl-W - changes file display format: Brief - shows only file names Full - shows full information about file Mode - shows files access mode information Time - shows information about date and time of file creation (like in Norton æommander) Pressing Ctrl-W toggles file display mode Global or Ctrl-G - shows all files in all subdirectories below the current sub-directory; Info or Ctrl-L - shows logical information about disk; Tree or Ctrl-T - builds and displays directory tree of the current logical disk; On/Off or Ctrl-F1 - toggles on/off left panel; sort By - options for file sorting. Pressing Sort By activtates menu for possible file sorting . Sorting is possible by filename, extensions date of creation, time of creation, owner's code owner's group, and security modes. It is also possible to display files in unsorted mode; sort ordEr - Sorting mode (Ascending/Descending); fiLter or Ctrl-F - File display filter. Shows possible files display output masks. This menu is similar to menu appearing pressing GREY + key Re-read or Ctrl-R - Re-reads the information from disk. Drive or Alt-F1 - Choice of another logical disk. - 66 - ┌──────────────────────────────────────────────────────────────────────────────┐ │ Left Files Commands Options Right │ │ ┌────────────────────────────┐Size ││ ├──ARC │ │a│> Format Mode │P--DIR<││ │ └──F │ │a│ Global Ctrl-G │ 2050││ │ ├──DOC │ │a│ Info Ctrl-L │ 2050││ │ └──NGUIDE │ │a│ Tree Ctrl-T │ 2050││ ├──FXPD │ │a│ On/Off Ctrl-F1 │ 2050││ │ └──DEMO │ │a│────────────────────────────│ 2050││ ├──GLDOC │ │a│> sort bY name │ 2050││ ├──GM │ │a│> sort ordEr ascending │ 24421││ │ ├──BLOCKOUT │ │a│────────────────────────────│ 1828││ │ ├──CDMAN │ │a│ fiLter Ctrl-F │ 30575││ │ ├──PEREST │ │a│ Re-read Ctrl-R │ 1813││ │ ├──REGBI │ │p│ Drive ... Alt-F1 │ 2048││ │ └──TOWER │ │p└────────────────────────────┘ 16384││ ├──GMK │ │ufm com│demo │7 │ RRR│ 20992││ ├──LAP │ │ufm asx│demo │7 │ WRR│ 107872││ ├─▌BIN ▐ │ ╟────────────┴──────┴───┴────┴─────────╢╟──────────────────────────────────────╢ │.. >UP--DIR<││D:\BIN │ ╚══════ Who: demo 7 WRR Read ══════╝╚══════════════════════════════════════╝ D:\BIN> 2Mode 3View 4Edit 5Copy 6RenMov 7Mkdir 8Delete 9Menu 10Quit Fig. 39 - 67 - The following picture shows the File menu. Here is detailed explanation of several options, which we did not discuss before: cOpy with paths ALT-F5 Alternamtive copying of file(s). Alt-F5 copies files with their full paths. If target subdirectory is missing, it will be created. If subdirectory is being copied, all files and subdirectories below are also copied. Example: Copy preserving full path file PROG1.PAS from current subdirectory: C:\LANG\PAS into C:\MY. Subdirectory LANG\PAS will be created below \MY and file PROG1.PAS will be placed into C:\MY\LANG\PAS coPy to dir Ctrl-F5 Copying of chosen file(s) or sub-directory(s) into another directory which may not exist. If target subdirectory is missing, it will be created. If subdirectory is being copied, all files and subdirectories below are also copied. Example: Copy path file PROG1.PAS from current subdirectory: C:\LANG\PAS into C:\MY\PROGS. Subdirectory PROGS will be created below (if it was not created before) \MY and file PROG1.PAS will be placed into C:\MY\PROGS - 68 - reN/mov with paths ALT-F6 Works similar Alt-F5 but used for renaming/moving files or/and subdirectories. Example: rename preserving full paths current subdirectory PAS from C:\LANG into D:\MY. LANG\PAS will be created below D:\MY. All files from PAS\*.* and below will be copied to D:\MY\PAS\LANG and then the original files will be deleted. renAme/move to dir Ctrl-F6 Works similar to Ctrl-F5 but used for renaming/moving files or/and subdirectories. Example: Move direcroty PAS from current subdirectory C:\LANG into D:\MY. A sub-direcroty PAS will be created below PAS and then all files from PAS\*.* will be moved into D:\MY\PAS. Prune Ctrl-F8 Deletes subdirectory along with all files and sub-directories. To confirm this dangerous action ACSA will ask you to enter the word DELETE. Any wrong letter or Esc Key will cancel Prune command. Invert select Ctrl-V Inverts selected choice. select all Shift G+ Shift+ Grey "+" will select all files from current panel unselect all Shift G- Shift+ Grey "-" will unselect all files from current panel Quit F10 Quits ACSA Shell. - 69 - ┌──────────────────────────────────────────────────────────────────────────────┐ │ Left Files Commands Options Right │ │ Name ┌─────────────────────────────────┐ARC │ │.. │ change Mode F2 │└──FOXPRO │ │ac1 │ View F3 │ ├──DOC │ │ac2 │ Edit F4 │ └──NGUIDE │ │ac3 │ Copy F5 │FXPD │ │ac4 │ cOpy with paths ALT-F5 │└──DEMO │ │ac5 │ coPy to dir Ctrl-F5 │GLDOC │ │ac6 │ Rename/move F6 │GM │ │adm1 │ reName/move with paths ALT-F6 │├──BLOCKOUT │ │adm1 │ renAme/move to dir Ctrl-F6 │├──CDMAN │ │adm2 │ maKe directory F7 │├──PEREST │ │asiprint │ Delete F8 │└──TOWER │ │asiview │ Prune Ctrl-F8 │GMK │ │ufm │─────────────────────────────────│LAP │ │ufm │ Invert select Ctrl-V │MTS │ │ufm │ select all Shift G+ │PAINT │ │ufm │ Select group Gray + │PLI │ │ufm │ unselect all Shift G- │BIN ▐ │ ╟─────────│ Unselect group Gray - │──────────────────────────────────╢ │.. │─────────────────────────────────│ZP │ ╚══════ Wh│ Quit F10 │══════════════════════════════════╝ D:\BIN> └─────────────────────────────────┘ 2Mode 3View 4Edit 5Copy 6RenMov 7Mkdir 8Delete 9Menu 10Quit Fig. 40 - 70 - The following picture (Fig. 41) shows ACSA Shell Commands menu. Adm Ctrl-A Executes ACSA ADM aMod Ctrl-M Executes ACSA AMOD Login Ctrl-N Executes ACSA LOGIN Passwd Ctrl-P Executes ACSA PASSWD User Ctrl-U Executes ACSA USER Find file Alt-F7 Searches files History Alt-F8 Shows previously entered commands. During "History" mode you can: Up, Down - scroll menu Enter - choose the command for execution DEL - deletes the string INS - locks/unlocks pushing the string out of command stack. last Command Ctrl-E Places the most recent command into command string screen Blank Ctrl-C Blanks the screen using ACSA Screen Saver compare Directories Ctrl-D Compares files from left and right panels. Different files or newly files will be highlighted. panels On/off Ctrl-O Toggles on/off both panels saVe selected names Sh-Ins Filenames of highlighted files will be saved into user specified file. Swap panels Ctrl-S Swaps panels - 71 - ┌──────────────────────────────────────────────────────────────────────────────┐ │ Left Files Commands Options Right │ │ Name │ User┌─────────────────────────────┐ │ │.. │ │ Adm Ctrl-A │XPRO │ │a txt│demo │ aMod Ctrl-M │XPR │ │ac1 txt│demo │ Login Ctrl-N │─DOC │ │ac2 txt│demo │ Passwd Ctrl-P │─NGUIDE │ │ac3 txt│demo │ User Ctrl-U │ │ │ac4 txt│demo │────────────────────────────-│MO │ │ac5 txt│demo │ Find file Alt-F7 │ │ │ac6 txt│demo │ History Alt-F8 │ │ │adm1 pcx│demo │ last Command Ctrl-E │OCKOUT │ │adm1 txt│demo │────────────────────────────-│MAN │ │adm11 pcx│demo │ Blank the screen Ctrl-C │REST │ │adm2 pcx│demo │ compare Directories Ctrl-D │REST │ │adm2 txt│demo │ panels On/off Ctrl-O │GBI │ │asiprint com│demo │ saVe selected names Sh-Ins │WER │ │asiprt com│demo │ Swap panels Ctrl-S │WE │ │asiprt1 com│demo │ convert old access mode │W │ │asiview com│demo └─────────────────────────────┘ │ │ufm asx│demo │7 │ WRR│ 107872││ ├─▌BIN ▐ │ ╟────────────┴──────┴───┴────┴─────────╢╟──────────────────────────────────────╢ │.. >UP--DIR<││D:\BIN │ ╚══════ Who: demo 7 WRR Read ══════╝╚══════════════════════════════════════╝ D:\BIN> 2Mode 3View 4Edit 5Copy 6RenMov 7Mkdir 8Delete 9Menu 10Quit Fig. 41 - 72 - The following picture (Fig. 42) shows ACSA Shell Options menu. Auto change dir Automatic change of current subdirectory while scrolling directory tree. Clock Shows the time in the upper right corner Key bar Ctrl-B Toggles on/off the bottom line on the screen with description of function keys. fiX tree branch Fixes the current tree position when scrolling tree. Full screen Screen size (full or half) Mini status Shows the current file in the special line show Dirs in global Shows the sub-directories names in Global Mode. ESC key action Defines the ACSA action when ESC key is pressed Screen blank delay 1 minute Defines the time for screen saver. saVe setup Shift-F9 Shows current ACSA Shell settings into AC.INI file. AC.INI is created where ACSA system is located currenlty. - 73 - ┌──────────────────────────────────────────────────────────────────────────────┐ │ Left Files Commands Options Right 18:16:13 │ │ Name │ User │Grp│Mode│ ┌─────────────────────────────────┐ │ │.. │ │ │ │>│√ Auto change dir │ │ │ac1 txt│demo │7 │ WRR│ │√ Clock │ │ │ac11 txt│demo │7 │ WRR│ │√ Key bar Ctrl-B │ │ │ac2 txt│demo │7 │ WRR│ │ fiX tree branch │ │ │ac3 txt│demo │7 │ WRR│ │√ Full screen │ │ │ac4 txt│demo │7 │ WRR│ │√ Mini status │ │ │ac5 txt│demo │7 │ WRR│ │√ show Dirs in global │ │ │ac6 txt│demo │7 │ WRR│ │─────────────────────────────────│ │ │adm1 pcx│demo │7 │ WRR│ │> ESC key action Chdir │ │ │adm1 pcx│demo │7 │ WRR│ │> Screen blank delay 1 minute │ │ │adm11 txt│demo │7 │ WRR│ │─────────────────────────────────│ │ │adm2 pcx│demo │7 │ WRR│ │ saVe setup Shift-F9 │ │ │adm2 txt│demo │7 │ WRR│ └─────────────────────────────────┘ │ │ufm asx│demo │7 │ WRR│ 107872││ ├─▌BIN ▐ │ ╟────────────┴──────┴───┴────┴─────────╢╟──────────────────────────────────────╢ │.. >UP--DIR<││D:\BIN │ ╚══════ Who: demo 7 WRR Read ══════╝╚══════════════════════════════════════╝ D:\BIN> 2Mode 3View 4Edit 5Copy 6RenMov 7Mkdir 8Delete 9Menu 10Quit Fig. 42