Pulling out the Root: Netscape Security

Phil Meyer phil at ecrl.lib.mn.us
Mon Jan 27 11:57:07 EST 1997


We use a program called IKIOSK to disable all unsecure functions within 
Netscape such as the Open file command.

I also make all of our PCs' directories hidden, so if a user somehow can 
gain access to the HD, they can't see anything.  This is no problem for 
us, but depending on your users' needs, this may not be an option.

*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*
Phil Meyer                                 Phone: 612 689 7390
Systems Librarian                          Fax:   612 689 7389
East Central Regional Library              
244 S. Birch St.                           Email: phil at ecrl.lib.mn.us
Cambridge, MN  55008
*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*


On Mon, 27 Jan 1997, David P Atkins wrote:

> Hello all,
> 
> Any one with any ideas on hiding the directory contents of a PC's hard
> drive from Netscape?  With either an open file command or keying in a
> local drive url, folks can see all sorts of files and get all sorts of
> ideas for hacking thru security.  Can't hide all the files, got to run
> them and Fortres & some thorough Read-Only's should help, but Fortres is
> not perfect.
> 
> On our webserver, cgi scripts include an index.cgi which keeps folks
> from seeing the server's 0directory listings.
> 
> Short of installing a web server w/ cgi on each of our Win95 pc's,
> reasonable any work-arounds? 
> 
> Thanks,
> David
> 
> ______________________________________________________________________
> 
> David P. Atkins
> Electronic Reference Services Librarian   
> Middleton Library                    email:  notdpa at unix1.sncc.lsu.edu
> Louisiana State University                     voice:   (504) 388-6823 
> Baton Rouge, LA 70803-3300                      fax:    (504) 388-6825 
> ______________________________________________________________________
> 
> 
> 


More information about the Web4lib mailing list