Fortres for Win 95

[Bill Moseley]

Fortres has been discussed a number of lists lately, so this is posted to a
number of lists.  Sorry for the duplications in your mailbox.

I came across some problems in testing Fortres 101 for Windows 95, and I
thought this list would be a great place to get some feedback.  I didn't
have a lot of time to check the program out, so excuse me if I missed
something obvious.

For you Win 3.1 people, Windows 95 has a bunch of new features that are
great for your own machine, but are dangerous for a public access computer.
Windows 95 makes it easy to drag files to other locations, copy files, run
programs, create directories, etc. all from the right mouse menu.  This menu
can be accessed from many places in Win 95, including the "File/Open" or
"File/Save" dialogs of programs.

Terms:  Shell = The user interface.  In Win 3.1 it's Program Manager,
                in Win 95 it is Explorer. 
        Desktop = The background screen on a Win 95 machine that contains
                icons.


Fortres did a good job of locking the Windows functions at the shell level.
With all Fortres' security options enabled, I could only run programs that
were on the Desktop.  The Desktop icons could not be moved or modified in
any way, the Start button was disabled, and the right-mouse context menu was
disabled.  Basically, this turned the Win 95 shell interface into a menu
program.

The problem was that when I ran a program that had a "File/Open" or
"File/Save" option (for example, a web browser like Netscape) I could
easily get around the security.  I could locate COMMAND.COM, and although
Fortres would not let me execute ("open") COMMAND.COM directly, it was a
simple step to rename it to another name and then execute it.  Then at the
DOS prompt I had full access.  At the "File/Open" dialog I could create
new files and folders without any problem, and could copy, delete, and
move files, and basically run any program I wanted. 

I was also able to edit CONFIG.SYS and AUTOEXEC.BAT and comment out the
lines that start Fortres and then reboot with the security disabled completely.
(Used right mouse context menu in File/Open dialog box to change 
Properties from read only.)

I was also able to delete important configuration files, and edit files like
WIN.INI and SYSTEM.INI.

Are these problems anyone else has come up with (and found answers?).

Other notes on Fortres:  During install a couple of problems occurred.  For
example,  the installation procedure asked for a password.  I entered a four
letter password and the program responded with an error message saying that
the password had to be five letters or more -- and then went ahead and
installed the security.  I quickly uninstalled the security before rebooting
since I had no idea what password the program was using.

During the second install attempt I mis-typed at some point and then pressed
"Cancel" and the program went right ahead and installed the security.
Again, I uninstalled right away.  The third install went fine.

Overall, it seems like potentially a good program.  But basically it seems
like a program that just limits what programs can be run (just the icons
on the Desktop).  This is great, but this type of security can be done with
the built-in Windows features.  And the big problem was that Fortres didn't
address the problems associated with the "File/Open" dialog boxes.

I also looked at StopLight for Windows 95 by Safteynet (beta version).
See: http://www.safe.net/safety/.  It has a very different approach to
security than most other programs.  It works by assigning access rights to
files and directories on a user by user basis -- a lot like NT.  If anyone
is interested in this program let me know and I post a review.


Thanks,

Bill Moseley
mailto:moseley at netcom.com