Gatekeeper version 1.3 of 12-Nov-93 by Chris Johnson (c)1988-1993


"READ ME"



This distribution consists of the following files:

1.  Gatekeeper READ ME.txt - TeachText document
2.  Gatekeeper Introduction - Microsoft Word document
3.  Gatekeeper Introduction.txt - Text version of item 2.
4.  Gatekeeper FAQ.txt - TeachText document
5.	Gatekeeper Mailing List.txt - TeachText document
6.  Gatekeeper - system extension (INIT)
7.  Gatekeeper Aid - system extension (INIT)
8.  Gatekeeper Controls - control panel (cdev)
9.  Gatekeeper Extras Folder - folder containing the following:
    9.1.  Gatekeeper Extras READ ME.txt - TeachText document
    9.2.  Gatekeeper Privilege Mover - control panel (cdev)
    9.3.  Gatekeeper Privileges.txt - Privilege Mover text file
    9.4.  Gatekeeper Application - application

If you haven't used Gatekeeper before, begin by reading "Gatekeeper 
Introduction." If you are familiar with previous versions, but not 
1.2.x, note that enough has changed that a glance at that introduction 
wouldn't hurt. Take a look at the installation instructions, in 
particular.

The Microsoft Word documents included in this distribution use the
Helvetica, Times and Monaco/Courier fonts, and were setup for a
LaserWriter printer. In order to appreciate the reasonably decent
formatting in those documents, make sure you have those fonts 
installed, and select the LaserWriter driver in your Chooser, if 
that's convenient. Unfortunately, if you won't be opening these 
documents in Microsoft Word, but will be reading them into some 
other word processor, the nice formatting will probably be lost in
translation. Sigh.

By the way, Gatekeeper's Help display will also look a lot better
if the Helvetica, Times and Monaco fonts are present in your system.

Of course, no claims or promises are made regarding Gatekeeper's
effectiveness or suitability, and some functions and capabilities of 
Gatekeeper are non-trivial to use and may require a careful reading 
of the documentation.



---------------------------------------------------
Gatekeeper 1.3 Release Notes 12-Nov-93
---------------------------------------------------

Gatekeeper 1.3 was created the day after 1.2.9 was released to fix
a bug that caused all pre-7 systems to hang during startup, and 
crashed some System 7.x machines.

For those of you wondering about the story behind the bug, and
why 1.2.9 missed its scheduled release date by three days, it's
pretty simple. When the new viruses appeared, I was in the middle
of work on a new and improved Gatekeeper which was going to be
version 1.2.9 in a couple of months. Unfortunately the work, while
mostly complete, still wasn't quite finished at the time those
viruses appeared. So I had to either (a) try to finish the new 
improvements very quickly, or (b) rip them all out and return,
more or less, to the functionality of 1.2.8. I went for option
'b'. Unfortunately, while I was ripping out the nifty new code, I
overlooked one file in one of the ten or so projects that currently
combine to form Gatekeeper. Consequently, some of that new code
which wasn't quite finished was built into one portion of version
1.2.9. Since it was mostly working, it passed all my in-house 
(actually "in-office" would be more accurate) tests prior to 
release, but failed when it finally met up with the real world.

Why didn't I just go back to the archived 1.2.8 source? Because
there were some bug fixes and various uncontroversial (but 
significant) improvements already in 1.2.9 which I certainly 
wanted to be part of any new release.

So, here's 1.3; use it in good health. Please delete any copies of
1.2.9 that you may have laying around and spread the word that 1.3
is available.

[Thanks, BTW, go to Brian Price for allowing himself to be 
 dragooned into running some last minute tests.]



---------------------------------------------------
Gatekeeper 1.2.9 Release Notes 11-Nov-93
---------------------------------------------------

Gatekeeper 1.2.9 was created to deal with the CODE 1 and MBDF-B
viruses. The latter, MBDF-B, was already dealt with by previous
releases, but code was added to explicity identify the virus as the 
"B" strain instead of as an "unknown" strain.

At the same time, some improvements have been made. These include
the elimination of a known false-positive identification of the
INIT 1984 virus, the further refinement of address sanity checking
code (and its application in a couple of new places), the addition 
of some new privileges, the elimination of the conflict between 
version 1.2.8 and System 7 Tuner, and probably a couple more things
I can't remember at the moment.  :-)

BTW, there's now a mailing list for Gatekeeper update notices, etc.
See the "Gatekeeper Mailing List.txt" document for details.

Special thanks go to John Norstad for his analysis of CODE 1 which
saved me a lot of time over doing my own.



---------------------------------------------------
Gatekeeper 1.2.8 Release Notes 17-Aug-93
---------------------------------------------------

Gatekeeper 1.2.8 is a maintenance release which corrects problems 
found in 1.2.7, works around weirdness in some forthcoming Apple 
software, and extends the default privilege list as usual.

Remember that in order to see the new privileges, you must first throw 
away the existing "Gatekeeper Prefs" file. Don't bother trying to 
empty the Trash, just put the prefs file in there. Once you've 
installed the new Gatekeeper and rebooted, you'll be able to empty the
Trash. If you don't do all this, Gatekeeper will continue to use the 
old prefs file, and you won't benefit from any of the new privileges 
that have been added.

Some of the changes include:

¥  Copying files from the Finder when QuickDraw GX is installed no 
   longer generates privilege violations. 1.2.8 includes a less than 
   wonderful, but good-enough-for-now, workaround for the strange 
   changes made to the Finder supplied with GX. (Just make sure the 
   Network Extension is installed on your Mac.)

¥  Four patches have been eliminated. Examination of their practical
   value showed that Gatekeeper would work just as well without them, 
   and every patch eliminated is, of course, one less source of 
   problems down the road....

¥  Behavior under interrupt conditions has been improved.

¥  Address sanity-checking code has been added/improved.

The effects of these changes include the elimination of conflicts 
with GraceLAN Responder and the VersaTerm ftp server.

A few problems are still reported to exist in 1.2.8. One tester
reports that neither it, nor 1.2.7, will work in a Mac IIci equipped 
with a Daystar 33MHz Turbo 040 accelerator. Another tester reports a 
conflict with the Global Village TelePort fax modem control panel, but
only on a PowerBook 170, not on other CPUs. Mysterious bus errors are
reported by another tester. Everyone else, however, gives it a clean 
bill of health. As usual, there's no such thing as bug free software.



---------------------------------------------------
Gatekeeper 1.2.7 Release Notes 19-Jan-93
---------------------------------------------------

Gatekeeper 1.2.7 does two things: (1) it corrects a number of bugs 
found in 1.2.6 following its release, and (2) it significantly 
improves Gatekeeper's ability to determine the identity of the 
programs whose activity it monitors. This last change involved a
complete replacement of the host identification code in 1.2.6, 
which was, itself, a significant enhancement over the same code
in all previous versions. The new code is not only far more 
effective, but significantly smaller and faster as well.

A few of the bugs eliminated:

¥  A 68000 incompatibility normally associated with expanding the 
   privilege list. Typically this caused Mac Pluses, SEs, etc.
   to crash when adding a new item to the privilege list.

¥  The After Dark screen saver loaded very slowly in the presence
   of 1.2.6. The problem was that code added in 1.2.6 had not
   been optimized for performance due to the need to deal with the
   T4 virus as quickly as possible. While the performance effects 
   of this unoptimized code were not limited to After Dark, it only
   seems to have been obvious there for reasons that aren't 
   especially clear.

¥  A conflict with version 4.0 of the Apple CD-ROM driver.

¥  A conflict with MediaManager.

Lots of other bugs are history, too, but it'd take too long to sort 
through all the old bug reports and put together a list. Basically,
1.2.7 is just a heck of lot smarter and more stable (if the last six 
months of testing can be trusted) than 1.2.6.

If it hadn't taken six and a half months and twelve test versions to 
track down a few weird bugs in 1.2.7, it would have been released 
months ago.

One new feature has been added: Gatekeeper will now resolve aliases
to its "Gatekeeper Prefs" and "Gatekeeper Log" files if the names of
the aliases are *identical* to the names of the files they represent.
An alias named "Gatekeeper Prefs alias" won't work, for instance.

This feature may possibly be useful to people configuring Macs with
read-only System Folders, as it allows the Prefs and Log files to 
be stored in other locations that are can be accessed in a read/write
fashion.

The release notes for previous versions are included below for your
amusement. They are no longer of any importance at all.



---------------------------------------------------
Gatekeeper 1.2.6 Release Notes 9-Jul-92
---------------------------------------------------

Gatekeeper 1.2.6 began as a simple maintenance release intended to
correct a few bugs in 1.2.5. Unfortunately, the appearance of the
T4 virus required the sudden addition of a lot of code heretofore
scheduled to debut in version 1.3. Although only a little of this
code was required to deal with T4, it was all so interrelated that
it made sense to add the entire body of code at the same time. This
code gives Gatekeeper a much better idea of "who's who" in the Mac,
and should make it possible to grant privileges to programs
(especially those loaded by INITs) that could not be identified
properly by previous versions.

While 1.2.6 was still in testing, a new and destructive Trojan
Horse program aslo appeared. Gatekeeper Aid was updated to search
for this program. Aid will warn you anytime it encounters this
program.

While all this was going on, a little time was found on a couple of
already late nights to add a much requested feature: an OFF switch
with a user-configurable time limit. Previous versions of
Gatekeeper have only supported a 30 minute time limit on the OFF
switch (once known as the Override switch). Version 1.2.6 allows
you to choose any time limit from 99:59:59 to as little as 0:00:00
HMS . With a maximum time limit of just over four days, there
should be time enough to install even Microsoft Word 5.  :-)

Finally, a couple of bugs in version 1.2.5 were found and fixed.
The most important of these bugs was one which caused all of
Gatekeeper's settings, including the contents of the privilege
list, to revert to their defaults after a couple of new privileges
were added to the privilege list and the system was rebooted.

[ HMS means "Hours, Minutes, Seconds" and refers to the
significance of the three colon-separated fields of the times
displayed. The first field is hours, the second is minutes andÉ
well, you get the idea.]



---------------------------------------------------
Gatekeeper 1.2.5 Release Notes 19-Mar-92
---------------------------------------------------

The primary reason for the release of Gatekeeper 1.2.5 is the INIT
1984 virus.  This version includes an updated Gatekeeper Aid which
can detect and remove that virus on the fly.  Previous versions of
Gatekeeper could prevent the spread of INIT 1984, but could not
disinfect infected files.

Version 1.2.5 also contains a fix for the bug that caused THINK
Pascal's debugger to complain of system heap corruption.  This is
likely to resolve some of the reported conflicts between Gatekeeper
and other publisher's products.  Thanks to whomever implemented the
excellent heap consistency checking code in THINK Pascal's debugger
for bringing this problem to light.

Finally, version 1.2.5 should include a complete set of workarounds
for the conflict between AutoDoubler and Gatekeeper.  Although the
products do work together now, some performance problems may exist
when launching compressed applications.  Yes, this can be annoying,
but remember that AutoDoubler is *commercial* software, so you have
to make allowances for these sorts of troubles....  ;-)



---------------------------------------------------
Gatekeeper 1.2.4 Release Notes 20-Feb-92
---------------------------------------------------

The primary reason for the release of Gatekeeper 1.2.4 was the
MBDF A virus.  This version includes an updated Gatekeeper Aid
which can detect and remove the MBDF A virus on the fly.

Version 1.2.4 should also, at last, include a complete set of
workarounds for System 7 Tuner's mischief.  In addition it includes
workarounds that may eliminate the conflict between AutoDoubler and
Gatekeeper, although there wasn't enough time prior to release to
test this thoroughly.  In any case, it's an improvement over 1.2.3
in this respect.

WARNING:  If you use THINK Pascal, see the NOTE TO THINK PASCAL
USERS included in the Gatekeeper 1.2.2 section below.  It should
still apply.  In an effort to resolve the problem mentioned there,
I have been in touch with some people in the THINK portion of
Symantec, but until they get back to me, things are at a
standstill.



---------------------------------------------------
Gatekeeper 1.2.3 Release Notes 27-Jan-92
---------------------------------------------------

Gatekeeper 1.2.3 corrects two stupid oversights found in 1.2.2. 
One involved the display of entries in the Gatekeeper Log which
dealt with resource privilege violations (the format for file
violations was used inadvertently), and the other involved an
internal table which believed it was shorter than it actually was.

Nothing else has changed since 1.2.2.



---------------------------------------------------
Gatekeeper 1.2.2 Release Notes 21-Jan-92
---------------------------------------------------

The primary purpose of version 1.2.2 is to correct problems that
prevented Gatekeeper 1.2 and 1.2.1 from loading during startup. 
Those problems resulted in Gatekeeper and/or Gatekeeper Aid
crashing, refusing to load during startup, or incorrectly drawing
their startup icons.  Unlike version 1.2.1, which was also intended
to fix this problem, version 1.2.2 actually *does* fix it (had to
happen sooner or later ;-).


IMPORTANT NOTE TO THINK PASCAL USERS:
---------------------------------------------------
Two Gatekeeper 1.2.2 testers reported that, with 1.2.2 installed 
on their Macs, the THINK Pascal debugger would complain that the 
system heap was corrupt.  In both cases, examination of the system 
heap with the low-level MacsBug and TMON debuggers revealed NO 
corruption present, so I am forced to suspect that the THINK Pascal 
debugger is incorrect in its diagnosis.  Testing using MacsBug on 
other systems also failed to find any case in which Gatekeeper 
1.2.2 was corrupting the system heap.  In addition, the TMON user 
noted that after using TMON to check the system heap integrity once, 
the THINK Pascal debugger would also give the system heap a clean 
bill of health.
---------------------------------------------------


Some (but not all) of the other changes and fixes include:

¥ Version 1.2.2 includes a workaround for Apple's System 7 Tune-Up
problem.  This workaround eliminates the need for the Finder to be
granted Res(Self) privileges. If you have granted those privileges,
please revoke them once you've installed 1.2.2.  Note that this was
(and is) a problem with Apple's Tune-Up widget; it was NOT a
problem with Gatekeeper.

¥ Gatekeeper Aid now records its activities in the Gatekeeper Log. 

¥ Gatekeeper records more of its own activities in the log. This
includes changes to everything in the "Settings" section of
Gatekeeper Controls except for the Startup Icon setting, which I
regard as unimportant. 

¥ Gatekeeper Aid now respects Gatekeeper's ON/OFF, "Notify &
Veto"/"Notify Only", "Display an Alert", "Record it in the Log
File" and "Startup Icon" settings. 

If Gatekeeper is OFF or in Notify Only mode, 'Aid will NOT remove
any implied loader resources it detects, although it WILL remove
any known viruses (or their close relatives) that it finds.
Strictly speaking, this isn't really what "OFF" implies to users,
but it seemed silly for 'Aid to overlook things it KNOWS are
viruses under any circumstances. Input on this point is welcome. 

If Gatekeeper's "Display an Alert" option is off, 'Aid won't
display its alerts, either. The same goes for the "Record it in the
Log File" and "Startup Icon" settings. 

¥ Gatekeeper Controls and Gatekeeper Privilege Mover will no longer
crash pre-7 Macs if the Control Panel DA is opened when Gatekeeper
is NOT installed.

¥ Gatekeeper 1.2.2 protects some additional toolbox functions and
resource types which could heretofore have been exploited by
viruses.

¥ Gatekeeper used to give some people trouble by failing to
identify the applications performing certain privileged operations.
Instead, it would blame the operations on an application whose
name was a string of gibberish.  This was caused by an obscure,
unitialized boolean variable and has been fixed.

¥ Gatekeeper Aid is no longer confused by Desktop files outside of
the root directories of volumes.

¥ Gatekeeper Controls should now work on Quadras.  The code
resource segmentation scheme employed in THINK C 4.x was
responsible for the incompatibility.  Since Gatekeeper 1.2.2 has
been built entirely under THINK C 5.0.2, the problem is history.

¥ If, during startup, Gatekeeper finds that there is no Gatekeeper
Prefs file, it will create one containing a complete default
privilege list.  (Gatekeeper used to create a new Prefs file
containing an *empty* privilege list Ð this caused some folks who
didn't follow the installation instructions some problems.)

¥ Self extracting archives (SEAs) created by the
soon-to-be-released Zoom archiver will automatically get the
File(Other) privileges they need.  Gatekeeper already provides this
privilege to SEAs created by StuffIt (Classic and Deluxe), Compact
Pro and Disk Doubler.

¥ Gatekeeper Controls now has a flexible system for translating log
file entries into readable alerts, based on easily edited
resources.  This may be of use to people trying to internationalize
Gatekeeper.

¥ The Gatekeeper, 'Aid, 'Controls and 'Privilege Mover icons have
been updated in System 7 style, i.e. the icons for the INITs look
like puzzle-pieces, and the icons for the cdevs have little slider
controls running down their left sides.

Note that in order to see all these new icons, you'll need to
remove *all* previous versions of Gatekeeper from your disk(s) and
rebuild your desktop file(s).

¥ The "puzzle-piece" icons for Gatekeeper and Gatekeeper Aid will
appear connected on the startup screen if the icons would otherwise
be adjacent.  This is of no practical value whatever, but it is
kinda cute.



---------------------------------------------------
Gatekeeper 1.2.1 Release Notes 4-Jul-91
---------------------------------------------------

(This release contained some fixes and enhancements over version 1.2,
but my records don't go back far enough to tell me what they were
anymore.)



Chris Johnson

Internet:   chrisj@emx.cc.utexas.edu
UUCP:       {husc6|uunet}!cs.utexas.edu!ut-emx!chrisj
BITNET:     chrisj@utxvm.bitnet
CompuServe: >INTERNET:chrisj@emx.cc.utexas.edu
AppleLink:  chrisj@emx.cc.utexas.edu@internet#