KJKHyperion wrote:
Sarocet wrote:
I had an idea about virus propagation. As we'll have added attribs on FS, i'd implement the eXecution flag. No program could be run without it. If a DLL were loaded it'd have that flag would automatically set (if allowed).
execution already has to be granted by the file's ACL. It just happens to be enabled by default (try disabling it to see by yourself why it cannot be disabled without trouble)
That aplies to WSH, Java, Flash, Php, shell scripts...
no, it doesn't. You cannot tell between opening and executing a script
The programs should check it for executing a script too (or give the user the chance to check it or not. I quote form my email "-to be compliant-" ), as it verifies we're not doing malicious actions.
My idea was to set a file flag that stated that its file was 'clean' (whatever clean could mean). This was restricted by the system/river resetting it when the file changes and only allowing to set it through an special tool that would be responsible to see if it's clean or not (could simply say everything is clean or study them more carefully, it's up to the implementation).
Of course something like this could be implemented without so restrictive checking. Maybe using the +m flag. Let's suppose files without it are clean. What then? If i tryed to make such a program using the modified flag it'd be a mess. Some programs set it when editing. However, others not. I could get a new (infected) file, and it could show as not dirty... That's why i thought it interesting, as a way to have everithing controlled, without having to virus-check always everything. Of course regularly or when definitions update it'd expire, but i think is easy and powerful enough to provide a not-so-insecure os.
By the way i tried to change the execution flag on windows but i couldn't. If set the permission to Read only, i can't modify it but it executes. I can also set it to W: and gets: READ_CONTROL, SYNCHRONIZE, FILE_GENERIC_WRITE, FILE_WRITE_DATA, FILE_APPEND_DATA, FILE_WRITE_EA, FILE_EXECUTE, FILE_WRITE_ATTRIBUTES, but i'm not able to change them individually. Am i missing something? Is there another way to modify them apart of cacls? None *.msc nor properties page seem to do it.
they're called text services, Windows supports them since Windows XP and the framework to run them is available for Windows 2000 too
How are they used/programmed? At installed services i only see Language (child> Keyboard (child> Language. Not strange i didn't know.
GvG: "please solve the world's hunger problem and find a cure for cancer too." That'd be great if someone did. Even better than making a free OS windows compatible. And if we're not able to get that goal (yet), why not buy microsoft to free its code?
We can't solve the world's hunger problem, but we can give a windows-like OS to the world. Slogan: 'Use your money to avoid world hunger instead for buying windows.'