There's a really interesting configuration file in the Netscape home
directory named Netscape.ad.
For instance, it says that if you issue the command:

netscape -remote "openURL(http://foxboro.com)"

It doesn't open up a new version of Netscape, but finds an existing instance,
moves it to the foreground and directs it to that URL. Useful for more
quickly bringing up help screens to an operator.
Even more interesting for the present discussion is that this file contains
menubar configuration settings. If the whole Location data entry field
could be removed (and others) then the above 'netscape -remote' method could
be securely used for operator help screens.
Perhaps some brave soul could do some experimenting and get back to the rest
of us.
John Windle
Foxboro
> -----Original Message-----
> From: Corey R Clingo [SMTP:[EMAIL PROTECTED]]
> Sent: Tuesday, March 13, 2001 8:46 AM
> To: Foxboro DCS Mail List
> Subject: RE: Helpfile Viewer
>
> Dan-
>
> You might try something like:
>
> su - unprivileged_user_id -c netscape
>
> This is not quite as good as chroot but at least keeps them from overwriting
> files.
>
> Of course the real fix is for Foxboro to modify their software so it doesn't
> have to run as root.....
>
> Corey Clingo
> Sr. Engineer
> BASF Corporation
>
>
>
>
>
> "Karppi, Dan" <[EMAIL PROTECTED]> on 03/09/2001 11:33:45 AM
>
> Please respond to Foxboro DCS Mail List
> <[EMAIL PROTECTED]>
> To: 'Foxboro DCS Mail List' <Foxboro
> cc:
> Subject: RE: Helpfile Viewer
>
>
>
> Dave and Tim,
>
> I have already installed and am using Netscape Navigator 4.72 for Solaris
> 2.5.1 and it does the job. Only one major problem with it is that the
> entire Solaris file system is not secure. The user can surf through the
> entire file system by entering "/" in the location bar and then browsing
> from the root directory. Also by using the FILE...SAVE_AS function from the
> menu bar, the user can overwrite any writable file with the contents of the
> displayed HTML page. This is because Netscape is running as root. I've
> tried to secure it by 'chroot'ing Netscape but haven't been successful.
> Windows versions of Netscape are capable of running in a "Kiosk" mode where
> the toolbars and hot keys can be disabled but unfortunately this is not yet
> available in UNIX versions. I was hoping to find an easier way of displaying
> our help files or maybe you have already found a solution to Netscape's
> security problem. Any other ideas would be appreciated.
>
> Dan
>
>
>
>
>
> -----------------------------------------------------------------------
> This list is neither sponsored nor endorsed by the Foxboro Company. All
> postings from this list are the work of list subscribers and no warranty
> is made or implied as to the accuracy of any information disseminated
> through this medium. By subscribing to this list you agree to hold the
> list sponsor(s) blameless for any and all mishaps which might occur due to
> your application of information received from this mailing list.
>
> To be removed from this list, send mail to
> [EMAIL PROTECTED]
> with "unsubscribe foxboro" in the Subject. Or, send any mail to
> [EMAIL PROTECTED]
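
Added example, not part of the original thread: a help-launcher wrapper that combines the two commands quoted above (`su - user -c ...` and `netscape -remote "openURL(...)"`) and only forwards URLs under a fixed help directory, so nothing unexpected reaches the shell that `su -c` starts. The account name `helpview`, the directory `file:/opt/helpfiles/` and the function names are assumptions made for illustration; it does not remove the Location field or the Save As menu.

```shell
#!/bin/sh
# Hypothetical operator-help launcher (added example, not Foxboro or Netscape code).
LC_ALL=C; export LC_ALL              # make the A-Z / a-z ranges below byte-exact
HELP_USER="helpview"                 # assumed unprivileged account
HELP_BASE="file:/opt/helpfiles/"     # assumed help directory (constructed)

# Return 0 only for URLs under HELP_BASE that consist of safe characters.
help_url_ok() {
    url=$1
    case $url in
        "$HELP_BASE"*) ;;                    # must start with the help base
        *) return 1 ;;
    esac
    rest=${url#"$HELP_BASE"}
    case $rest in
        ""|*..*) return 1 ;;                 # nothing requested, or traversal
        *[!A-Za-z0-9._/-]*) return 1 ;;      # quotes, spaces, parens, ';', '$' ...
    esac
    return 0
}

# Print the -remote command for a validated URL; fail without output otherwise.
help_cmd() {
    help_url_ok "$1" || return 1
    printf '%s\n' "netscape -remote \"openURL($1)\""
}

# Send the request as the unprivileged user when the caller is root.
# Assumes an instance of netscape already runs as HELP_USER and that this
# user's login environment provides DISPLAY and access to the X server.
open_help() {
    cmd=$(help_cmd "$1") || { echo "rejected: $1" >&2; return 1; }
    if [ "$(id -u)" -eq 0 ]; then
        su - "$HELP_USER" -c "$cmd"
    else
        sh -c "$cmd"
    fi
}

# Runs only when a URL is given on the command line.
if [ $# -gt 0 ]; then
    open_help "$1"
fi
```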