Xref: utzoo comp.sys.ibm.pc:18226 comp.binaries.ibm.pc.d:798 Path: utzoo!utgpu!attcan!uunet!seismo!sundc!pitstop!sun!plx!slvblc!dick From: dick@slvblc.UUCP (Dick Flanagan) Newsgroups: comp.sys.ibm.pc,comp.binaries.ibm.pc.d Subject: FluShot+ (FSP) 1.4 Bug Report Message-ID: <8808171810.AA03414@slvblc.UUCP> Date: 17 Aug 88 18:10:24 GMT Reply-To: slvblc!dick@ucscc.UCSC.EDU (Dick Flanagan) Organization: SLV Systems Group, Ben Lomond, California Lines: 26 Disclaimer: none Like a lot of folks, I looked at Ross Greenberg's lastest version of FSP with combined anticipation and caution, since his previous versions had bitten me pretty badly. But I thought I would give it a try and see if he had at least fixed some of the bugs in FSP 1.2 that I had emailed to him a couple of times before. My first test was to setup FSP to flag my autoexec.bat and config.sys as being both unreadable and unwritable. This is supposed to prevent *any* form of "unauthorized" access from being allowed or going undetected. Then I attempted to edit both of these files with my Brief editor. Magic! Brief was able to read and write both of these files without so much as a peep from FSP. I have to say that FSP did detect and prevent casual TYPE's and COPY's of these files, but if I were writing a trojan or virus, I would simply use whatever file mechanism Brief uses and leave FSP guarding an empty house. Dick -- Dick Flanagan, W6OLD GEnie: FLANAGAN UUCP: ...!ucbvax!ucscc!slvblc!dick Voice: +1 408 336 3481 Internet: slvblc!dick@ucscc.UCSC.EDU LORAN: N037 04.7 W122 04.6 USPS: PO Box 155, Ben Lomond, CA 95005