The Secure Workplace is a collection of objects designed to protect against changes to the Desktop Setup. Date and time encrypted passwords allow Help Desks to manage the user's Desktop Setup.
Program is distributed as ZIP package: download to temporary directory and unpack to destination folder. Run SSETUP.EXE /S=SourcePath /T=TargetPath
. See below for download link(s).
Following ones are the download links for manual installation:
Secure Workplace v. 4.72 (2/9/1998) | ||
hobbes.nmsu.edu/download/pub/os2/util/multiuser/SecureWorkplacePro_4-72.zip | local copy | |
Secure Workplace v. 4.71 (24/8/1998) | ||
hobbes.nmsu.edu/download/pub/os2/util/multiuser/SecureWorkplaceStd_4-71.zip | local copy | |
Secure Workplace v. 1.20 (6/8/1993) | Readme/What's new |
THE SECURE WORKPLACE
Copyright (c) 1993, Syntegration. All Rights Reserved
The Secure Workplace is a collection of objects designed to
protect against changes to the Desktop Setup. Date and time
encrypted passwords allow Help Desks to manage the user's
Desktop Setup.
This product is distributed by:
Syntegration
13241 Norton Avenue
Chino, CA 91710
Tel: 909-464-9450
The objects are developed and supported by:
Stephen G.L. Fox
Tel: 909-464-9450
Fax: 909-464-9438
Compuserve ID: 73707,3331
You can obtain technical support by:
1) Calling the number above.
2) Leaving Electronic Mail on Compuserve for 73707,3331.
3) Posting a message for ID 73707,3331 in the Application
Quest section (4) of the OS2USER CompuServe Forum.
4) Posting a message for ID 73707,3331 in the Other Vendors
Section (1) of the OS2AVEN CompuServe Forum.
INFORMATION ON LICENSING
To use The Secure Workplace it is necessary to purchase a
license. You may obtain a license for use of the product on one
computer by sending a check for $25.00 to Syntegration at the
address given above. You can obtain a SITE LICENSE for use of
the product on more than one computer. Site License fees are
based on the total number of computers that will use the
software package. The License fees for:
2 to 9 computers are $22 each
10 to 49 computers are $20 each
50 to 99 computers are $18 each
Please call to negotiate SITE LICENSES for more than 100 computers.
THE SITE LICENSE INCLUDES ONE COPY OF THE SOFTWARE AND
DOCUMENTATION. The Site License allows you to copy it for the
number of machines licensed. Distributing, repackaging, or
reselling of the software to third parties is not allowed. All
licenses are prepaid. All fees are quoted in US funds.
When you purchase a License for The Secure Workplace you will
receive a copy of the objects with a unique time encryption
customized for your organization.
SECURE OBJECTS
The Secure Workplace is a collection of objects designed to
modify the behavior of the OS/2 desktop environment. These
objects provide a secure environment that prevents the user from
modifying the OS/2 desktop. Organizations that want to provide
its users with a specific desktop setup, and want to prevent the
user from changing the icons can use these objects with great
benefit. You can can also use these objects as protection from
accidental changes by others who occasionally borrow your
workstation. The Secure Workplace consists of a Secure Desktop
object, a Secure Folder object, a Secure Program object, and a
Restricted Folder object.
The Secure Desktop is used to prevent the user from changing the
desktop settings. The setting notebook, the Tree View, and the
details view are password protected.
The Secure Folder is a type of folder that is password protected
by a date and time encryption algorithm. Objects of this class
have their Create Another, Copy, Move, Delete, and Create Shadow
pop-up menu items removed. You can choose to remove the Delete
pop-up menu items when you create this object. If you want to
deny access to any Workplace objects, you put them into this
type of folder.
The Secure Program is used to protect from unwanted
manipulations. Objects of this class have their Create Another,
Create Shadow, Copy, Move, and Open Settings pop-up menu items
removed. You can also remove the Delete pop-up menu item when
you create instances of this object. Once a Secure program is
defined the user will be prevented from changing it. Using this
object class, you can create unchangeable desktop setups.
The Restricted Folder is a secure object without password
protection. This folder has the same security characteristics as
the Secure Program class. This folder type is necessary piece of
scaffolding needed to compete the protection of your desktop.
PROTECTION SCHEME
The secure objects are protected by a password that changes
every minute. A user that discovers the password for a certain
instance in time will not be able to use that password ever
again. These objects generate passwords by encrypting the system
date and time.
The Secure Workplace includes a passkey program PASSWORD.EXE to
generate passwords. Technical support or Help Desk personnel
will use this program to open secure objects for changes or
servicing. You would not usually install the passkey program on
the same computer as the secure objects.
THE PACKAGE CONTENTS
The Secure Workplace demonstration package contains:
SECURITY.DOC - The package documentation
SDESKTOP.DLL - The Desktop Replacement class
SFOLDER.DLL - The Secure Folder Object Class
RFOLDER.DLL - The Restricted Folder Object Class
SPROGRAM.DLL - The Secure Program Object Class
SSETUP.EXE - The Secure Workplace installation program
SREMOVE.EXE - The Secure Workplace uninstall program
PASSWORD.EXE - Password Generation program
SAMPLE.CMD - A Sample REXX program to create Secure Objects
SETUP.DOC - Setup strings for program and folder objects
SECURITY INSTALLATION
Use SSETUP.EXE to install the Secure Workplace objects.
The syntax is:
SSETUP [/S=SourcePath] [/T=TargetPath]
/S=SourcePath specifies the directory that contains The Secure
Workplace files. The default directory is "A:\".
/T=TargetPath specifies the target directory to copy the Object
Class DLL files into. The target directory must be contained in
the LIBPATH statement in your CONFIG.SYS file. The default
target directory is "C:\OS2\DLL".
CREATING SECURE OBJECTS
You can create secure objects on a OS/2 desktop by using REXX
Object interface functions, or the Workplace Object interface
functions in a compiled language program.
The REXX Object interface functions include SysCreateObject,
SysSetObjectData, SysDestroyObject, SysQueryClassList.
SysRegisterObjectClass, and SysDeregisterObject Class. You can
include these functions in a REXX program. You can find the
descriptions for these functions in the Information Folder under
REXX Information. Look in the Rexx Utilities chapter of the
contents.
The Workplace Object interface functions include
WinCreateObject, WinDestroyObject, WinSetObjectData,
WinQueryObject, WinEnumObjectClasses, WinRegisterObjectClass,
and WinDeregisterObjectClass. You can find descriptions of the
functions in the OS/2 2.X Toolkit or the OS/2 2.X Technical
Library.
We recommend the REXX interface for creating and maintaining a
standard desktop setup on many computers.
To create Secure objects you need to know their case sensitive
class names. These names are:
SWSFolder - the Secure Folder Class
SWRFolder - the Restricted Folder Class
SWSProgram - the Secure Program Class
SECURING YOUR DESKTOP
The OS/2 operating system and its Workplace shell was designed
as a flexible open environment. As you may imagine, locking it
up is no trivial task. You can obtain degrees of security if you
are willing to plug the holes. In this section we describe the
holes in security and the how to plug them with Secure Objects.
The Move, Copy, Create Shadow, Delete, and Create Another pop-up
menu items on Workplace Objects, allow users to change the
desktop considerably. The Secure Workplace objects disable all
except the delete option. If you want to deny deletion, use a
setup string that includes "NODELETE=YES;" during object
creation.
The Find pop-up menu item on Folder objects is a security hole.
To avoid this hole create Secure Program, Restricted Folder, and
Secure Folder objects to service ALL of your user's needs, then
put everything else behind a Secure Folder.
A Command Prompt gives the user access to the file system. With
a little knowledge and a Command Prompt you can do almost
anything. If you must make the Command Prompt available then
create one using a Secure Program object. If you want to deny
the command prompt then use the Secure Program class to define
ALL accessible program objects.
The System Setup folder is available from the desktop's pop-up
menu. To deny access, create a Secure Folder and move the Setup
objects into it, then delete the Setup Folder.
The Drive's object Tree View will allow penetration of a Secure
Folder by making its sub-folders visible. To ensure security you
should put the Drive object that has the Desktop Directory
behind a Secure Folder.
If you discover any holes in this protection scheme, please
notify us. |
www.os2site.com/sw/util/security/secure.zip | local copy |
This work is licensed under a Creative Commons Attribution 4.0 International License.
Comments
Martin Iturbide
Sat, 10/06/2023 - 18:28
Permalink
Hello. Can you check if this
Add new comment