On Wed, 4 Nov 1998, Krish Jagannathan wrote: >I figured this much out -- if you are running on FoolProof for the PC >(Win9x) and you boot up in safe mode (with or without network support) it >will bypass the FoolProof TSR and enable full privileges, even deleting >the FoolProof directory. >--- >Krish Jagannathan >krisjagat_private >YCHJCYADTKCF This may be true(infact it is true) but is a sign that your administrator forgot or did not know about F8. This was the case at a school i know that just setup FoolProof, forgot F8, and diskette booting, but that was negligence. So here is another problem in foolproof Bug/flaw: A bug that for all intensive purposes is a bug. If you can execute 'echo' with 4 command line arguments you can disable (esentially delete) foolproof. Implication: Disable _protection_ (if you can call it that) from FoolProof. Exploit: echo Hi > c:\fool95\fooltsr.exe Do this with every file in the foolproof dir (The install directory may vary). Fix: Run a UN*X os instead of a Microsft product? Seriously though, I have not looked into side effects(or if even possible) to disable 'echo', so making all files in the foolproof dir (and elsewere through out the computer, have not looked for them all) read only so you _cant_ write to them, but also disable attrib changes. -- Max Inux <maxinuxat_private> Hey Christy!!! KeyID 0x8907E9E5 Kinky Sex makes the world go round O R Strong crypto makes the world safe If crypto is outlawed only outlaws will have crypto Fingerprint(Photo Also): 259D 59F7 D98C CD73 1ACD 54Ea 6C43 4877 8907 E9E5
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:22:36 PDT