User log, tools
Volume Number: 5
Issue Number: 5
Column Tag: Programmer's Workshop
User Log and Programming Tools 
By Dave Kelly, MacTutor Editorial Board
It was just a few short weeks ago that I was cleaning out our ‘nVir’ attack. Yea,
about 8 out of 10 of our Macs had the dreaded disease. The guy that wrote it probably
thinks he is real funny right now. Ha, Ha. Well, after about 15-20 hours worth of
checking floppy disks and cleaning systems I’m not laughing. That just goes to show
you that even when you think you are fine it could still get you. At least my own Mac
at home was still clean.
Making a fuss like that in a big company doesn’t go over very well. The
management has sent out an edict that all Macintoshes must be checked for viruses once
each day. That’s a bit much, wouldn’t you say? In addition, they want every user
(there are many more users than there are Macs) to log in each disk that they insert
into a Macintosh. “WHAT?” you say. That’s right, write down on a log sheet your
name and what disk you inserted into the system. I don’t need to tell you that most
people don’t bother to write anything on the log sheets. This was bound to backfire
somehow. Probably someone will think that few people use the Macintosh (this is
obviously not true since it is hard to even get on a Mac during the day, and I have to
bring my work home) and not allow us to buy more (much needed) computers.
There are a few options open to solve this problem. We could just lock up
everyone’s floppy disks so that they can’t take them home, or buy a commercially
available activity tracking system such as MacInUse to log each user in, or we could
write a quick and dirty program to do at least part of the job for us. Buying a copy of
software for every Mac we have doesn’t appeal to anyone since we do have a strict
budget. I hope they realize how much free use of equipment they get when employees to
work at home on their own computers. We must be able to backup and transport data
via floppy disk. I opted to write a short program to do the job. I didn’t have the time to
make it do everything, but it will meet the basic need to log everyone in.
HOW IT WORKS
The trick involved in this program is to get the program to run again after any
application runs and when it quits, return back to the Finder. I didn’t want to remove
any features from the Macintosh such as the Finder. It would be easier to just replace
the Finder with another application but that would make it hard for users to copy their
own disks, etc. There are two global memory locations that are used to make this work.
The first one, CurApName at $910 gives us the name of our application in case
someone changed the name. The second one, FinderName at $2E0 is the name of the
finder which is used to tell the system which program to run when an application
quits. By putting CurApName into FinderName our application will run after each time
another application quits provided that our application is put in the system folder.
The program ‘Who?’ is a very simple program to record usage and on the
computer. You may use 1 or more passwords (in case there are several people using
the system). The passwords are stored in a STR# resource in the application. The
passwords are not encrypted because most of the users that I come in contact with don’t
have ResEdit or even if they did they wouldn’t know how to use it. The ones that do are
going to get past this sort of password protection anyway. Remember, the main
purpose is not to keep people out, but to log activity. You may edit passwords by
changing the STR# resource.
When the program runs, a modal dialog box comes up to request the password and
user’s name. The user must type in a name or the program will not end. (‘Enter Your
Name here!’ is not a valid user name). When all the information has been filled in the
user selects the OK button and if the password matches one of the STR# resource
items, the program continues. At this point, the FinderName global is updated to the
current application name as explained above. Next the available volumes are searched
so that they can also be logged in. The purpose of this was to give some traceability if
the virus appears again. We want to be able to trace to some extent who may have disks
that are infected. This is not foolproof however because the user can always switch
disks while running under another application. The function ‘GetIndVolume’ for
searching for mounted volumes is found in technical note #24 by Bryan Stearns. This
is a good one to keep around for future use.
The ‘Who?’ program finishes by fetching the time and date and storing the data to
a file on disk, then launching the Finder. The log-in data file is set to invisible to
make it harder to erase from the disk. It can be accessed via a word processor to
examine who? has been using the Mac. I included a way to reset the FinderName back to
Finder and make the log-in file visible. By typing ‘ShowLog’ (case sensitive) for the
password, the log will become a visible file. By using ‘RestoreFinder’ (also case
sensitive) for the user name, the FinderName global will be set to Finder. That’s about
all there is to it. To set up the application, drag it into the system folder and then
select it. Next choose ‘Set StartUp’ from the Finder’s Special menu. If you use
‘RestoreFinder’ be sure to ‘Set StartUp’ again or the system will get confused the next
time you startup.
There is a lot of things that could be done to change this program to add features
which you may feel are needed. While this by no means keeps the virus bug from
coming, it does provide a bit of traceability to help in the clean up process.
program who;
uses
filestuff;
const
DialogID = 4912; {Resource ID number}
FinderName = $2E0; {Global location of Finder name}
CurApName = $910; {Global location of Current Application name}
type {this type sets up structure for launching applications}
pLaunchStruct = ^LaunchStruct;
LaunchStruct = record
pfName: StringPtr;
param: integer;
end; { LaunchStruct}
var
itemhit: integer;
theDialog: Dialogptr;
itemtype, index: integer;
item2, item3: handle;
box: rect;
text2, text3, thepassword: str255;
access, done: boolean;
Filenameptr: STRINGptr;
fName: str255;
Finderptr: stringptr;
pMyLaunch: pLaunchStruct;
myLaunch: LaunchStruct;
d: DateTimeRec;
datafile: str255;
data: text;
procedure Launchit (pLnch: pLaunchStruct); {Launch an application}
inline
$205F, $A9F2;
procedure writedata; {store the log in file to disk}
var
whichvol, VolRefNum: integer;
volName: str255;
Result: OSErr;
fndrInfo: FInfo;
flgptr: ptr;
begin
datafile := ‘Log in.data’; {set filename for data file}
open(data, datafile); {open the file}
seek(data, maxlongint); {find the end of the file}
writeln(data, text3, ‘ ‘, text2, ‘ ‘, d.Month : 3, ‘/’, d.Day :
2, ‘/’, d.Year : 4, d.Hour : 3, ‘:’, d.Minute : 2, ‘:’, d.Second :
2);
whichVol := 1; { start searching for disks in 1st vol.}
repeat { find all the volumes that are currently mounted}
begin
Result := GetIndVolume( whichVol, volName, VolRefNum);
if Result <> nsvErr then
begin {store the volumes on line to system disk}
writeln(data, whichvol, ‘: ‘, volName);
whichVol := whichVol + 1;
end;
end;
until Result = nsvErr;
close(data);
Result := GetFInfo(datafile, 0, fndrInfo);
if BitAnd(fndrInfo.fdFlags, fInvisible) <> 16384 then
fndrInfo.fdFlags := fndrInfo.fdFlags + fInvisible;
if text2 = ‘ShowLog’ then
fndrInfo.fdFlags := fndrInfo.fdFlags - fInvisible;
Result := SetFInfo(datafile, 0, fndrInfo);
end;
begin {start of main program}
initcursor;
access := false;
text2 := ‘Enter Password here!’;
text3 := ‘Enter Your Name here!’;
theDialog := getnew dialog( dialogID, nil, POINTER(-1));
getditem(the dialog, 2, itemtype, item2, box);
setItext(item2, text2);