Windows 95 for public use - WinU

Bill Moseley moseley at netcom.com
Thu Nov 21 19:42:49 EST 1996 

At 08:58 AM 11/21/96 -0800, Andre Backs wrote:
>Still working on a publicly safe Netscape and Windows 95 I came across a
>program called WinU available from http://www.bardon.com
>Does anyone here know the pro's and con's for this program ? i.e. has
>anyone used it here ?

WinU has improved quite a bit since the early versions.  Disabling the
right-mouse button on the File/Open menu was a really great addition.

There are a couple of things to think about with this program, though.

** Please excuse (and correct) me if I'm wrong about some point.  I'm
working off old notes. Also, many of these issues are REALLY MINOR. **

So with that said,

- You do want to run WinU in the highest security mode - this runs WinU as
the shell - which means you can't kill WinU with Ctrl-Alt-Del.

- Unlike Stoplight or Fortres, WinU doesn't protect files on the hard disk.
 Netscape, for example, could be used to overwrite win.ini or system.ini.
For this reason, I think it is wise to use a CMOS password along with WinU.
 Otherwise, someone could overwrite system.ini (if not set to readonly),
reboot and disable WinU.

One of the great things about a program that can protect the hard disk is
you can prevent saving files to the hard disk.  With WinU you would have to
rename and hide directories to (try to) control where files are saved on
the hard disk.

- You can set WinU to not allow "third-party" programs.  These are programs
that run other programs - like Netscape helper applications.  WinU does
this by quickly closing down the "third-party" program.  The (tiny) problem
with this is that the program does in fact run.

So, for example, someone could drag a .reg file onto regedit.exe and modify
the system registry.  Ok, it's a minor hole, but it is there.

Here are some suggestions if you decide to use WinU:

- Make backup copies of important files (e.g. *.ini) and restore them
during boot.  I'd also restore the registry files (system.dat and user.dat)
when the computer boots.  Restoring the registry will protect your program
settings.

- Set files as READONLY where possible to prevent overwriting.

- Remove the entries from the [Extensions] section from win.ini.  Netscape,
for example, can use these to run external programs. (If you have
"reg=\windows\regedit.exe ^.reg" in win.ini you can drag a .reg file onto
Netscape and it will modify the registry.)

- To prevent drag-n-drop (as in my .reg example above) modify the registry
setting for HKCR\.exe to point to a dummy file type.  CAUTION: this will
disable the ability to double-click on a program an run it - and disable
icons and start menu programs (although you can still use Run). 

- You may also wish to modify the HKCR\* and HKCR\Unknown keys.
HKCR\Unknown controls the "Open With.." dialog.

I don't want to waste any more space here - you can email if you have
questions or want more detail.

Overall, I think that WinU is a real nice program.

Bill Moseley
mailto:moseley at netcom.com

More information about the Web4lib mailing list