home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
kermit.columbia.edu
/
kermit.columbia.edu.tar
/
kermit.columbia.edu
/
newsgroups
/
misc.19950528-19950726
/
000232_news@columbia.edu_Wed Jun 28 15:29:05 1995.msg
< prev
next >
Wrap
Internet Message Format
|
1995-07-31
|
3KB
Received: from apakabar.cc.columbia.edu by watsun.cc.columbia.edu with SMTP id AA26337
(5.65c+CU/IDA-1.4.4/HLK for <kermit.misc@watsun.cc.columbia.edu>); Wed, 28 Jun 1995 11:29:12 -0400
Received: by apakabar.cc.columbia.edu id AA18491
(5.65c+CU/IDA-1.4.4/HLK for kermit.misc@watsun); Wed, 28 Jun 1995 11:29:10 -0400
Path: news.columbia.edu!watsun.cc.columbia.edu!fdc
From: fdc@watsun.cc.columbia.edu (Frank da Cruz)
Newsgroups: comp.protocols.kermit.misc
Subject: Re: Configurable APC checking in next MSK release?
Date: 28 Jun 1995 15:29:05 GMT
Organization: Columbia University
Lines: 38
Message-Id: <3srsg1$i1l@apakabar.cc.columbia.edu>
References: <jhurwitDAuowt.ICo@netcom.com>
Nntp-Posting-Host: watsun.cc.columbia.edu
Apparently-To: kermit.misc@watsun.cc.columbia.edu
In article <jhurwitDAuowt.ICo@netcom.com>,
Jeffrey Hurwit <jhurwit@netcom.com> wrote:
: I've written a script to automate an exchange of files between my Unix
: account (running C-Kermit 5A(190)) and my PC (running Kermite 3.14 PL
: 6). It seemed best to run it on the Unix side (since it will be
: launched along with C-Kermit from a shell script), and control the PC
: Kermit with APC commands. To make the script work, I also needed to
: write a small macro for the PC side (to be launched with an APC
: command) that would check for a file, and tell the C-Kermit script
: whether it exists or not. This would not work until I set APC
: unchecked on the PC Kermit, because apparently the output command is
: not considered safe to use in a script or macro that is invoked with an
: APC command. I don't really like running Kermit on my PC with APC
: unchecked, but I don't know of any other way this little macro can tell
: the C-Kermit script whether or not the file exists without use of
: output commands.
:
: For the next release of MS-Kermit, would it be feasible to make it
: possible for the user to define a list of safe (or unsafe) commands for
: APC checking, perhaps to work in a way similar to setting control
: character prefixing?
:
This is an excellent topic for discussion. We have two conflicting
goals here, and it is not easy to imagine any way to reconcile them.
One is (obviously) security, the other is (for want of a better word)
power. Let me begin by asking, how can the OUTPUT command ever be
considered safe? The instant you enable it, you are totally vulnerable
to attacks of the sort that should not be too hard to imagine, which can
come as screen messages, text in email or a file (or a news posting, or
a Web page...) that you are reading, or any other way that a "friend"
could make something appear on your screen.
If you can guarantee that your host environment is safe, then it should
be safe to "set term apc unchecked". If you can't, then it isn't.
Right?
- Frank