[4413] in WWW Security List Archive
Re: Win3.1/Win95 desktop security?
daemon@ATHENA.MIT.EDU (Per Weisteen)
Fri Feb 14 05:05:32 1997
Date: Fri, 14 Feb 1997 09:28:12 +0100
From: Per Weisteen <Per.Weisteen@hda.hydro.com>
To: Geoffrey Leeming <geoffrey@indiciis.com>
Cc: BVE <bve@quadrix.com>, kev-rhea@mail.zynet.co.uk,
www-security@ns2.rutgers.edu
Errors-To: owner-www-security@ns2.rutgers.edu
Geoffrey Leeming wrote:
>
> At 09:39 PM 12/2/97 +0100, BVE wrote:
> >
> > Date: Tue, 11 Feb 1997 13:35:14 +0000
> > From: Kevin Townsend <kev-rhea@mail.zynet.co.uk>
> >
> > But there are products available that put serious desktop security onto
> > both 3.1x and 95 - in some cases rivaling NTW but at a fraction of the
> > cost. So you can keep the business investment in existing training and
> > applications, but gain the desktop security you need.
> >
> >Any that you can't bypass during bootup with Ctrl-C, or stick your own boot
> >disk in, and see the whole file system with no privs???
> >
> >..And once you've authenticated yourself properly, do they prevent the user
> >from changing system configuration settings?
>
> Try Stoplock and AviBoKs. Both definately available for 3.1x: not sure
> about 95.
>
> AviBoKs lets you set privileges on a per-file basis, so all one has to do is
> remove write privs to the sys config files, and hey presto! Users can no
> longer REM out the command to load AviBoKs and thus bypass system security
> in its entirety. I believe that Stoplock can do the same, but I've never
> administered it so I'm not sure.
What stops me in popping up Norton Diskutil or any similar products and
changing file access privs ? IMHO there is nothing that seriously stops
me in doing whatever I want on a essensially DOS based system.
--
Per Weisteen !Internet consultant, Webmaster, Postmaster
Norsk Hydro !Email: Per.Weisteen@hda.hydro.com
Box 200, 1321 Stabekk !Phone: (+47) 2273 8227
Norway !Web: http://www.hydro.com
