deny file://c:\ link?

Mike Mitchell mdm at nbpl.lib.tx.us
Fri Oct 23 15:22:25 EDT 1998


What must I do to keep a page like this:

<HTML>
<BODY>
<A HREF="file://C:/">your files</a>
</BODY>
</HTML>

from opening Win95 Explorer and making the C:\ drive available to the patron
using Internet Explorer 3.x? Until I accidentally came upon this, I've been
using the Win95 policy editor and Winselect 3.x to lock down the computers
with good success. The drives are hidden and users can't type in file: or c:
in the Iexplorer address box, etc. But, once they get the C: drive open with
this they can do anything they want. So, obviously I just have the user
interface locked down and not the system itself. Must I employ something
like Fortress 101 to prevent this or is a way to just disable the file://
URL in IExplorer. I've seen that it takes a hex editor to do this in
Netscape. I know I can use Win95 policy editor to only allow certain
programs to be run but I'd rather not do that unless I have to. TIA.
Mike Mitchell
Tech Services Librarian/System Administrator
Dittlinger Memorial Library
New Braunfels, TX 
mdm at nbpl.lib.tx.us




More information about the Web4lib mailing list