secure: none
[1/11] from: hijim:pronet at: 16-May-2003 18:22
secure: none
I suppose all of you experts know this, but I just figured it out today. Those annoying
permission boxes that pop up when you want to print or want to change directories using
request-file can be prevented.
I've seen scripts in the archives that have secure: none at the beginning of the program.
I tried that, but the pop up box popped up before the program ran asking if I want to
accept a lower level of security. That's a poor solution. If I say I want secure: none,
that's what I want.
Taking a cue from my-launch: launch, I put secure: none in the user.r file. Now all of
my programs work just the same except for never asking my permission to print a file
or to change directories!
Well, I know there are some beginners on the list. Maybe someone will find this of use.
Jim Clatfelter
16-May-2003
[2/11] from: brett:codeconscious at: 17-May-2003 12:03
Now anyone can send you programs that do whatever they want without you
knowing...
Not recommended.
Regards,
Brett.
----- Original Message -----
From: <[hijim--pronet--net]>
To: <[rebol-list--rebol--com]>
Sent: Saturday, May 17, 2003 11:22 AM
Subject: [REBOL] secure: none
> secure: none
>
> I suppose all of you experts know this, but I just figured it out today.
Those annoying permission boxes that pop up when you want to print or want
to change directories using request-file can be prevented.
> I've seen scripts in the archives that have secure: none at the beginning
of the program. I tried that, but the pop up box popped up before the
program ran asking if I want to accept a lower level of security. That's a
poor solution. If I say I want secure: none, that's what I want.
> Taking a cue from my-launch: launch, I put secure: none in the user.r
file. Now all of my programs work just the same except for never asking my
permission to print a file or to change directories!
[3/11] from: hijim:pronet at: 16-May-2003 20:31
Thanks, Brett. I see your point. But I only use programs I wrote. If I try
others' scripts, I'll disable that line. I'm not sure what you mean about
people sending me programs. Don't I have to open them myself?
Jim
[4/11] from: antonr::iinet::net::au at: 17-May-2003 15:46
Re: secure none (was: Re: secure: none)
I assume Brett means that if you put
secure none
in your user.r file, then you will become accustomed to
using it and forget about it. Then one day you run a
malicious or buggy script that wipes some data without
warning.
To prevent this kind of disaster I have set up two links
to run rebol/view. One with all my custom user.r stuff activated
and one without:
- D:\Anton\Dev\Rebol\View\rebol.exe -- "do-anton-user?: true"
- D:\Anton\Dev\Rebol\View\rebol.exe (as normal)
Now in my user.r I have this line:
if value? 'do-anton-user? [do %anton-user.r]
where the file anton-user.r has all my customizations in it.
So it is easy for me to drop back to "secure/compatibility"
mode to try scripts that have been posted publically.
It is also a good way to test my own scripts when I feel that
they are good enough for public release.
Anton Rolls.
[5/11] from: brett::codeconscious::com at: 17-May-2003 15:51
Re: secure: none
Hi Jim,
>From my point of view it's equivalent to leaving a loaded gun lying around
and saying "Don't I have to pull the trigger first?".
I don't think it is good beginners advice :)
> Thanks, Brett. I see your point. But I only use programs I wrote.
You've never seen a REBOL/View rebsite? Suprising! :)
In responding to your email I have not set about looking at every possible
path of execution, I'm just reacting to what I thought could be perceived as
a suggestion to turn off this useful saftey measure.
It can be a pain responding to the security dialog, but for executing
scripts you can avoid it by organising folders appropriately. Of course
reading data from another directory brings it up.
Anyway, I just wanted to ensure that beginners on this list don't do
something with SECURE that they don't understand.
Regards,
Brett.
[6/11] from: atruter:labyrinth:au at: 17-May-2003 21:39
> It can be a pain responding to the security dialog, but for executing
> scripts you can avoid it by organising folders appropriately.
I find putting "common" code in REBOL/public then do'ing it (eg. do
%/c/REBOL/public/gui.r) works fine for this purpose.
Regards,
Ashley
[7/11] from: hijim::pronet::net at: 17-May-2003 8:25
secure: not much
secure: not much
Sorry about the bad advice. Forget you ever heard it.
Here's what I find odd about SECURE. It won't let me write to my printer without popping
up and asking me to allow all. It won't let me change directories without my permission.
But it will allow me to delete all files in the present directory without even an "Are
you sure?". It will allow someone else's script to do that too.
My printer is connected to my computer only. If I make a Print button, I click on it
because I want to print. I don't want to be asked it I want to print. Maybe I can disable
this only!? allow write %prn// ?? Something like that?
No, I've never been able to go to a rebsite. I have studied and run scripts from the
Rebol script archives and other websites. I assume they aren't malicious scripts. Maybe
I shouldn't.
I'll try Anton's two user.r file method. That way I can still prevent those pop-ups.
Thanks, Jim
[8/11] from: antonr:iinet:au at: 18-May-2003 1:48
Are you sure you are not just setting
the word 'secure to none ?
The correct way to lower the security level is:
secure none
not:
secure: none
Just checking,
Anton.
[9/11] from: hijim:pronet at: 17-May-2003 13:56
secure
Hi Anton,
Well, this is strange.
secure none in the user.r file results in an error
secure: none works fine in user.r. !!!!!
secure: none in a program file does not work.
secure none pops up and tells me a program wants a lowered level of
security.
I'm glad to be rid of those pop-ups. Click NO, and the program crashes. What
kind of reaction is that!? NO is not a real option if you want the program
to respect you choice and to keep running.
I guess I just stumbled on user: none. I'm just glad it works.
Jim
[10/11] from: antonr:iinet:au at: 18-May-2003 15:35
Ah, it makes sense now.
I did a trace at the end of my user.r and saw
that this code is executed after the user.r
is done:
do compose/deep [secure [
file [ask read ask write ask execute]
(system/options/home/user.r) [allow read]
(system/options/home/prefs.r) [allow read]
(system/options/home/public) [allow read]
(either all [system/options/script not find system/components
'link]
[first split-path system/options/script]
[system/options/home])
allow
]]
So even if you set the secure level before in the user.r,
those settings will be ignored since rebol sets the secure level
itself as above.
But if 'secure is none, then the above code won't change
the security level anymore.
I assume rebol starts with no security at all so it can
do what it needs to do.
I hope you understand what I am trying to say here;
The 'secure word has been pointed away from its original
function, therefore it does nothing when rebol tries to
increase the security.
I put these two lines at the end of my user.r to
get the trace:
trace on
echo %startup-trace.txt
I now remember that this topic was already talked about
a long time ago. :)
Anton Rolls.
[11/11] from: hijim:pronet at: 18-May-2003 8:49
Anton:
I hope you understand what I am trying to say here;
The 'secure word has been pointed away from its original
function, therefore it does nothing when rebol tries to
increase the security.
Jim:
Yes, I understand what you're saying.
I changed the user.r line to
secure: "forgetaboutit"
and I get the same result.
Thanks for the explanation.