[WEB4LIB] IKiosk Security Lapse
John Burke
burkejo at ucrwcu.rwc.uc.edu
Fri Oct 30 11:33:53 EST 1998
Jeff,
To disable the Task Manager, enter the following line in your system.ini file:
(under the [boot] section)
taskman.exe=
This will solve the problem you describe. We also use IKIOSK and
implemented this after someone mentioned it on a list (likely this one).
John
John J. Burke, MSLS | Systems/Public Services Librarian
University of Cincinnati - Raymond Walters College Library
E-mail: john.burke at uc.edu | I Corinthians 1:25
Web: http://www.rwc.uc.edu/burke/
At 08:17 AM 10/30/98 -0800, jpapier wrote:
>Greetings From Fairest NJ:
>
>I've been using Winselect Policy / Kiosk 3.3.1 on our public Internet
>PC's to good effect for some
>time now. However, our ever-curious teenagers have (unwittingly)
>brought the following security lapse to my attention: if you reboot the
>PC, when Windows 95 (or 98) starts up again you can click repeatedly
>with the mouse where the "Start" button
>eventually shows up. This easily brings up the Task Manager. From
>there you can choose "Run Applications." A default box comes up. If
>you ignore this box and choose "Browse," a new box comes up. You cannot
>enter a pathname into this browse box, which is as it should be, since
>access to the hard drive has been turned off. But if instead of choosing
>the "Browse" option, you stick with the first, default box which
>appears, you CAN enter a pathname, e.g. "c:\command.com." And into DOS
>we go.
>
>I suppose you could also bring in "command.com" on a floppy and upload
>too, if you allow access to the A: drive.
>
>Thought you should know. I've brought this to the attention of Hypertec
>(http://www.hypertec.com).
>
>Cheers,
>JP
>
>--
>Jeff Papier
>Network / Internet Librarian
>South Brunswick Public Library
>Monmouth Junction, NJ
>
>
>
More information about the Web4lib
mailing list