Page 1 of 1
The MEM Device
Posted: Sat Mar 09, 2024 11:11 am
by pjw
I moved this from the
Announcing availability of a QLNET driver for the Q68 (ND-Q68) topic.
Re the MEM device and network security:
tofro wrote: ↑Fri Mar 08, 2024 2:02 pm
<>
Block, yes (simply don't start FSERVE or the mem driver), limit, well, no. QL designers believed in the good in people. You could maybe use Toolkit III, that allows to restrict access to files and devices by users (and, BTW, comes with yet another MEM device driver). I don't know how secure that is, however. (Toolkit II introduces a file access flag "HOST ONLY" - which forbids exposure of a file to the file server)
<>
Ok, I misunderstood: The MEM device (naturally!) has to be installed on the target system to be a threat.
I never really tried the MEM device that I remember. A nice simple example of a device driver! However, I couldnt get it to work on QPC2. I assembled and used Lau's variant as his was fixed to be Minerva-compatible, which I assumed might be a closer match to SMSQ/E. It also has some enhancements. One can move around in the space, but try doing anything else, like PUTting anything in and it errors with an end of file.
I havent investigated, because at this point Im not all that interested, but it would be nice to give it a spin. So has anyone else encountered this issue and, better still, fixed it?
Re: The MEM Device
Posted: Sat Mar 09, 2024 2:11 pm
by martyn_hill
Hi Per!
I developed the MEM driver a bit further than Simon's and Lau's originals and it works under SMSQe quite nicely.
I'll digit out and share the (revised) source and binary when I'm back at my laptop.
Re: The MEM Device
Posted: Sat Mar 09, 2024 3:14 pm
by pjw
Great! Looking forward. Thanks
Re: The MEM Device
Posted: Sat Mar 09, 2024 3:52 pm
by bixio60
martyn_hill wrote: ↑Sat Mar 09, 2024 2:11 pm
Hi Per!
I developed the MEM driver a bit further than Simon's and Lau's originals and it works under SMSQe quite nicely.
I'll digit out and share the (revised) source and binary when I'm back at my laptop.
Thank you Martyn and all people that gave me suggestions.
I implemented successfully your idea to use netTime=FUPDT(\tempDateFile$), all ok and finally all the QLs in the net have the date&time updated.
Looking forward to try your MEM enhanced driver.
Fabrizio
Re: The MEM Device
Posted: Sat Mar 09, 2024 4:08 pm
by martyn_hill
Ah, good! I was hoping to hear whether you had been successful with the original time synchronisation project!
Re: The MEM Device
Posted: Sun Mar 10, 2024 12:00 pm
by tofro
Sometimes, apparently, problems need to sink in deeply for a while until they collide with something else in my memory that happens to be the solution. Same case here, I totally forgot about NASERVE until a small LED went blinking in my brain:
With regards to the MEM device and security concerns (overall, also other files and devices, but MEM seems to have specific risks...) about FSERVE, you might want to have a look at Martin Head's NASERVE program. It does pretty much the same as FSERVE, but with opposite policy: While FSERVE exposes all devices and files to the outside world, NSERVE, per default, exposes nothing - You need to use the NAS_SHARE command to list the files and devices you want to be seen from the outside world. There's options on when you might want to expose stuff read-only or read-write and whether you want NASERVE to apply its policies globally or to specific network stations.
Problem solved.
NASHARE is part of Martin Head's network router project and should be available from the usual places.
Re: The MEM Device
Posted: Mon Mar 11, 2024 11:19 am
by Martin_Head
tofro wrote: ↑Sun Mar 10, 2024 12:00 pm
Sometimes, apparently, problems need to sink in deeply for a while until they collide with something else in my memory that happens to be the solution. Same case here, I totally forgot about NASERVE until a small LED went blinking in my brain:
With regards to the MEM device and security concerns (overall, also other files and devices, but MEM seems to have specific risks...) about FSERVE, you might want to have a look at Martin Head's NASERVE program. It does pretty much the same as FSERVE, but with opposite policy: While FSERVE exposes
all devices and files to the outside world, NSERVE, per default, exposes
nothing - You need to use the NAS_SHARE command to list the files and devices you want to be seen from the outside world. There's options on when you might want to expose stuff read-only or read-write and whether you want NASERVE to apply its policies globally or to specific network stations.
Problem solved.
NASHARE is part of Martin Head's network router project and should be available from the usual places.
The NASERVE is part of the IP Network driver. I also did a version for the QL to replace the TKII FSERVE
https://dilwyn.qlforum.co.uk/internet/NAServe100.zip
Re: The MEM Device
Posted: Tue Mar 12, 2024 12:56 pm
by pjw
martyn_hill wrote: ↑Sat Mar 09, 2024 2:11 pm
Hi Per!
I developed the MEM driver a bit further than Simon's and Lau's originals and it works under SMSQe quite nicely.
I'll digit out and share the (revised) source and binary when I'm back at my laptop.
Hi Martyn,
Is this still happening? I was hoping to test whether NASERVE blocks it, as tofo suggested.
Re: The MEM Device
Posted: Tue Mar 12, 2024 8:44 pm
by martyn_hill
Hi Per!
I was reviewing my mod'ed driver (after 6 years
and found a bunch of debug stuff still left in whilst I was still getting it to run on both Minnie and SMSQe (some different trap register usage), so am just tidying up the source ready to reassemble.
I've been using it on and off in both environments since then without problems, but that's not to say I didn't screw up something when adding the features I was after (such as EOF handling for buffered MEM channels and such like.)
I'll share the source and binary at the weekend.
Re: The MEM Device
Posted: Tue Mar 12, 2024 10:29 pm
by pjw
Hi Martyn,
No rush on my account, I still have a lot of figuring out to do.
Thanks for taking the trouble!