Subject: | |
From: | |
Reply To: | |
Date: | Wed, 1 Apr 1998 17:01:34 -0800 |
Content-Type: | text/plain |
Parts/Attachments: |
|
|
<<if i understand what happens in the unix world with remsh and
rexec is they can create 'yes & no' lists. ie, yes 'this' command is
allowed but no 'that' command is not. incorporating this would be a 'jim'
thing since it's
his software. aif:pe would also be a jim thing. but lets just
suppose jim doesn't want to change his code...i'm left with trying to trap
the command *after* it leaves the mped program but *before* it actually hits
the ci -- a udc that (i don't think) can be written short of the brute force
method (ugh) - d>>
That also might or might not be a "jim thing", depending on how MPED
arranges to have the command executed. If it uses HPCICOMMAND
(or-ugh-COMMAND), you could write an intercept intrinsic that validated the
requested command line against the yes/no list, and only allowed legitimate
commands to be passed on. If he spawns the CI in some interceptible manner,
you could write a replacement CI that does the validation, then passes the
command to the real CI (or SH, I guess) if it's OK. If MPED does something
that can't readily be intercepted, then it would need to be changed.
Steve
|
|
|