home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
Columbia Kermit
/
kermit.zip
/
newsgroups
/
misc.19941031-19941221
/
000308_news@columbia.edu_Wed Nov 30 05:51:00 1994.msg
< prev
next >
Wrap
Internet Message Format
|
2020-01-01
|
3KB
Received: from apakabar.cc.columbia.edu by watsun.cc.columbia.edu with SMTP id AA03447
(5.65c+CU/IDA-1.4.4/HLK for <kermit.misc@watsun.cc.columbia.edu>); Wed, 30 Nov 1994 03:58:42 -0500
Received: by apakabar.cc.columbia.edu id AA10676
(5.65c+CU/IDA-1.4.4/HLK for kermit.misc@watsun); Wed, 30 Nov 1994 03:58:41 -0500
Newsgroups: comp.protocols.kermit.misc
Path: news.columbia.edu!sol.ctr.columbia.edu!math.ohio-state.edu!uwm.edu!news.alpha.net!news.mathworks.com!hookup!swrinde!howland.reston.ans.net!ix.netcom.com!netcom.com!jhurwit
From: jhurwit@netcom.com (Jeffrey Hurwit)
Subject: Re: MSKerm 3.14 BETA 14- APC security too strong?
Message-Id: <jhurwitD02G90.6Bw@netcom.com>
Organization: Organization? What organization?
X-Newsreader: TIN [version 1.2 PL1]
References: <jhurwitD00M19.MnM@netcom.com> <3bfd3p$fkg@apakabar.cc.columbia.edu>
Date: Wed, 30 Nov 1994 05:51:00 GMT
Lines: 36
Apparently-To: kermit.misc@watsun.cc.columbia.edu
In article <3bfd3p$fkg@apakabar.cc.columbia.edu>, Frank da Cruz
(fdc@watsun.cc.columbia.edu) wrote:
>We get this complaint a lot, but there is no easy solution. There is
>a basic conflict between the need for host-directed operations such
>as your script and the need to protect all MS-DOS Kermit users from
>malicious attacks.
>If SET TERMINAL APC UNCHECKED could be issued by the host application,
>then there would *be* no security.
>On balance, I think most would agree that inconvenience weighs less
>than disaster.
>You should think of SET TERMINAL APC UNCHECKED the same way you think
>about passwords. You don't put passwords in scripts because the risk
>far outweighs the convenience. Thus whenever you run your login
>script, you have it prompt you for your password. Similarly, you shoul
>SET TERM APC UNCHECKED before running your script and then put it back
>to ON afterwards.
Um, ok, I can accept this argument as far as it goes. But, problem
is, if a macro or take file is invoked with an apc command, any
"unsafe" operations called for in those are also disabled. So,
while I can understand wanting to protect some innocent user from a
malicious script or some such, what about having apc commands invoke
scripts that others are unlikely to know about? Example: The
script on my host account sends a compressed backup file,
backup.tgz, as backup.tmp. The script on my PC receives the
transfer and, *if the transfer succeeds*, deletes the already
existing backup.tgz and renames backup.tmp to backup.tgz. Would an
option to set apc unchecked for scripts only make any sense? If
not, I guess I could always put the command in a macro and then bind
it to a key...
Jeff