Microsoft Corporation comes under a lot of flack from the IT community for slipshod work. The constant state of software being released by them that is either incompatible with everything they (and anyone else) has done, and an unprecidented number of security holes leads to much ridicule of the organisation.
I’d like here to just make a point of the latest (as at December 15th 2001) blunder that the company has fallen into. They have today released what is being termed as a major patch to their web browsing software, Internext Explorer. This has only been made available for versions 5.5 (Service Pack 2) and 6. While end-of-life’ing older versions is probably acceptable, it should be known that 5.01 SP2 is not that old, and the lack of a patch for this older version will hurt some organisations and their SOE.
Just to not miss other coverage of this, here are stories on Slashdot and The Register.
The main point is thus: take a peek at the image here showing my laptop with its installed MSIE 6.0 under MS Windows Millennium Edition, and me trying to install this update.
Which begs the question: what version do I have of MSIE installed? And where is my patch to fix the security vulnerabilities that MS is (perhaps) trying to rectify?
Pastel is an accounting package for the Win32 platform. Version 5 was originally written for either Windows 3.1 or WIndows 95: it seems to be a 16-bit application. Running this on Windows 2000 should be straight forward, if you are prepared to give users access to the Power Users user group on the workstation.
Lets add a little spice to this problem. I’m going to use Samba 2.2.2 (or newer, perhaps) as a Primary Domain Controller for authenticating the users ont he network and giving them access to the shared files. Pastel does multi-user by file sharing: samba is a damn fine file server for SMB protocols, and can be a PDC as well.
However, as at Samba 2.2.2, there are only two groups that Domain Users may be in: Administrators, and Users. Not Power Users.
So the task was this: get Pastel to run for standard Users.
The problem with this is file and registry key permissions: these are undocumented, and Pastel are either unwilling to tell me what these should be, or don’t know; its hard to tell with their confusion. I am hoping someone at Pastel will see this page, and correct any mistakes here: God know that phoning and emailing them has failed to extract the right information!
Pastel uses Btrieve microkernel as a back-end. So we must make this accessible as well. There are two parts to check: Registry keys and system DLLs.
In watching the %WINDOWS%/system directory during the install, I found that Btrieve installed the following files:
These files should be readable and executable where required for all users on the domain.
The registry keys are in HKLM/Software/Btrieve Technologies. This should have full access to everyone on the domain.
Next, Pastel permissions. Find the Pastel directory (possibly Pas5) and change that to be accessible to all users on the domain. Make the executables to be executable for all users on the domain.