FoolProof [was: Re: Root Pulled: Thanks]

Roger Harrison rharrison at ccvax.fullerton.edu
Tue Feb 11 13:02:57 EST 1997 

I wonder if anyone out there is using FoolProof to solve this problem. 
I've not used it, but have seen it in operation in other labs on our
campus.  It totally locks out the hard disk, so that the Open File
option won't serve up drive C:.  The file:/// URL is still available,
and one can view C: files, but not save to the disk.  In practical
terms, should I care if someone can read my AUTOEXEC.BAT if they can't
alter it?

Seems to me an option which allows the Open File to work, but locks out
the C: drive, is better in that folks can still load html docs from
their diskettes.  Comments?

I'd be interested in feedback from anyone who is using FoolProof on
Win95 systems.  The archives show several Mac sites using it, but I'd
like to get some real-world input from anyone using the 95 version as to
what its limitations are.  Looks pretty bullet-proof in the labs I've
visited, and I'm not sure I would need IKIOSK because I don't care about
keeping folks out of e-mail or other options in Netscape.

-- 
Roger Harrison                 |        P.O. Box 4150 
Library Network Manager        |        Fullerton, CA 92834-4150
Cal State Fullerton            |        Voice: 714-773-2666
University Library             |        Fax:   714-773-2439

                 mailto:rharrison at fullerton.edu
        http://wwwlibrary.fullerton.edu/people/rharrison/

"Examine everything carefully; hold fast to that which is good."
"But shun foolish controversies and strife and disputes about
     the Law, for they are unprofitable and worthless."

David P Atkins wrote:
> 
> Thanks to all who responded to the list & my personal email concerning
> "Open File"  security concerns in WWW browsers.
> 
> As simply hiding files didn't work, I can attest to the secure combination
> of IKIOSK (disabling Open File) & Bill Moseley's suggestion & excellent
> page on editing the .exe to eleminate the file url location option in
> Netscape (e.g. you can't type the url file:///C|/stuff/).
> 
> URL:  http://library.berkeley.edu:8000/Security/hexedit.htm
> 
> Still leaves the problem that now folks can't use personal web pages from
> the A:> drive....someday.
> 
> David
> ______________________________________________________________________
> 
> David P. Atkins
> Electronic Reference Services Librarian
> Middleton Library                    email:  notdpa at unix1.sncc.lsu.edu
> Louisiana State University                     voice:   (504) 388-6823
> Baton Rouge, LA 70803-3300                      fax:    (504) 388-6825
> ______________________________________________________________________

More information about the Web4lib mailing list