Promotic
WikipediaLinkedInYoutubeTwitterFacebook

SafeOper component

Components and SafeOper settings serve for securing the application from unwanted actions of the operator for example starting other applications, ending the PROMOTIC application, etc.
 
This functionality is based on the possibility to configure the OS Windows 10/7/Vista/XP/XPe/2003-12Server by values in the registration database (system registers) in order to make the running PROMOTIC application secure against unwanted actions of the operator. Configuration files and scripts are located in the folder \Pm\Tools\SafeOper\ (folder WinXP and Win7). Everything that is described here that works in OS Windows 7 is also functional in OS Windows 10. In fact this is not a PROMOTIC component, but only a specific OS Windows setup.
 

Behavior of so configured system

a) After starting the computer, the PROMOTIC application is started automatically (Windows user Promotic is automatically logged in and the batch file AutoStart.bat in which the PROMOTIC application is triggered, is started).
b) Neither the Windows desktop nor the TaskBar is started nor the TaskManager is accessible.
c) Shortcuts Ctrl+Alt+Del, Ctrl+Esc, etc. aren't functional
d) Shortcuts Alt+Tab, Alt+F4, etc. are functional and they enable handling with already opened windows and applications.
e) If the PROMOTIC application is decreased, then even the right mouse button doesn't work over the desktop outside the PROMOTIC application. Decreasing and closing the application can be barred on top of that in the configurator of the PmRoot object on the Application and Appearance pages.
f) No task can be started by interactive tools in the OS Windows.
In OS Windows XP it is possible to prevent the user from log-off and computer shutdown.
Since OS Windows Vista the Ctrl+Alt+Del keys can be pressed and then user log-off or computer shutdown cannot be prevented.
g) From application scripts it is possible to start any application by means of the Pm.CreateProcess or Pm.ShellExecute function (even in the context of another Windows user respectively, for example Admin, by the utility RunAs).
h) Logging off the user or switching off the computer must be engaged in the application by means of the Pm.ShutDown function (prefarably to call it on termination of the application in the PmRoot.onAppStopBegin event).

Characteristic of work with PROMOTIC and application

All installation and upgrade of the PROMOTIC system and the application itself proceeds under created Windows user Admin (group Administrators). This account has no security properties and it enables unlimited work with the OS Windows, the PROMOTIC and the application. This configuration refers to normal, non-protected operation.

The protected operation of the PROMOTIC application itself proceeds under created Windows user Promotic (group Users and temporarily even the group Administrators during the configuration due to writing into the register database). The application has an access into the folder \Pm with the installed PROMOTIC system for reading only.

Because the application is installed under the user Admin and operated under the user Promotic, all files and folders of the application must be accessible to the user Promotic for read and write. This is accomplished in the file system FAT32 where it isn't possible to set rights for files and folders but in NTFS this condition must be ensured (it wouldn't be accomplished by default).

If the OS Windows is installed on a stand-alone computer (outside a domain), then the OS Windows use simplified security model. It is not possible to set the user access rights for files and folders manually, but there is a shared Windows folder (C:\Documents and Settings\All Users\Documents for Win XP and C:\Users\Public\Documents for Win Vista, Win Server 2008 and newer), that has its rights preset in order to enable all folders and files stored in it to all Windows users for read and write. This is the reason why it is suitable to place the application, including the folder with the application data files, into this shared folder.

If the OS Windows are located into a domain, then the application can be installed wherever but it is necessary to enable reading and writing the application folders and files to the user Promotic. In case of emergency, the simplified security model of sharing files in the OS Windows XP that are not in the domain, can be switched off by means of 'Local security principles' of the computer.

On the configuration of the SafeOper component it is necessary to follow the guideline precisely. It is important that it is possible to bar the automatic logging in the user Promotic and consecutive starting the application by the key SHIFT, kept pressed during the whole start of the OS Windows, and, instead of this, to log in as the user Admin and to make pertinent modifications in the SafeOper configuration, the application and the PROMOTIC system. In the last resort it is possible to delete the user Promotic and to start the whole installation again from the point 7).

It is possible to start REG files (SafeOperStart.reg and SafeOperStop.reg) only under the user Promotic and in the moment when it is temporarily added even in the group Administrators. Basically it is necessary to start the file SafeOperStart.reg only once during the installation while the file SafeOperStop.reg typically needs to be never started.

Description of individual steps during installation in OS Windows

By a wrong installation the situation when it isn't possible to connect correctly to the installed system, can come in the extreme case. That's why the following walkthrough is recommended:
1) Login as Administrator.
2) Create a new user Admin, member of the group Administrators (important step, do not skip this).
3) Log out and log in as Admin.
4) Install the PROMOTIC system into the folder C:\Pm.
5) Install the application into a new folder located in the shared folder
C:\Documents and Settings\All Users\Dokumenty (for Win XP) or
C:\Users\Public\Documents (for Vista, Win Server 2008 and newer).
6) Edit SafeOper files in the folder \Pm\Tools\SafeOper\WinXP or Win7 (AutoStart.bat starts the PROMOTIC application, SafeOperStart.reg configures the user Promotic in the SafeOper mode and SafeOperStop.reg configures the user Promotic back in the normal mode).
6.1) AutoStart.bat, in the file a command for starting the PROMOTIC application is edited (the file can be copied elsewhere so that it cannot be overwritten on the PROMOTIC upgrade).
6.2) SafeOperStart.reg, in the file a key with path to the file AutoStart.bat (Shell), computer name (DefaultDomainName) and password of the user Promotic (DefaultPassword) are edited.
7) Create new user Promotic, member of the group Users and Administrators.
8) Log off and log in as the user Promotic.
9) Start (read) file SafeOperStart.reg in the folder \Pm\Tools\SafeOper\ folder WinXP or Win7.
10) Remove the user Promotic from the group Administrators.
11) Restart computer.

Examples

Example1:
Shutdown OS Windows together with ending the application by calling the Pm.ShutDown method in the PmRoot.onAppStopBegin event.
Pm.ShutDown 2, true
Example2:
Start the command line in the context of the logged-on Windows user (Promotic) from a script by means of the Pm.CreateProcess method.
Pm.CreateProcess "cmd.exe", ""
Example3:
Start the command line in the context of another Windows user (Admin) from a script by means of the Pm.CreateProcess method. This command shouldn't be missing in the service menu of the application, protected by the SafeOper component because the command line allows to start any other program, edit Windows users and their rights, copy and delete files, etc.
Pm.CreateProcess "runas /user:Admin cmd.exe", ""
Example4:
Start editing the particular file in the context of another Windows user while on each starting a password of the user must be entered (password mustn't be empty).
Pm.CreateProcess "runas /user:Admin ""notepad.exe C:\Pm\Promotic.ini""", ""
Example5:
Start the application from the batch file AutoStart.bat by means of the RunLater utility (using this utility is necessary so as the window with the command line disappears from the screen after starting the application).
C:\Pm\RunLater.exe /t=1 /f=C:\Documents and Settings\All Users\Dokumenty\Demo\demo.pra

Useful commands of command prompt

Example1:
Start a new command line in the context of another Windows user (Admin) from the command line (which is, for example, in the context of Promotic).
runas /user:Admin cmd.exe
Example2:
Start the tool for modification of Windows users (possibility to assign administration rights to the Promotic user).

Not available for OS Windows Home editions (Windows 10 Home, Windows 7 Home Basic, Windows 7 Home Premium, ...).

Modifications can be done only in the context of the Windows user with administration rights (Admin).

lusrmgr.msc
Example3:
Start the tool for Local Security Policy Editor

Not available for OS Windows Home editions (Windows 10 Home, Windows 7 Home Basic, Windows 7 Home Premium, ...).

Modifications can be done only in the context of the Windows user with administration rights (Admin).

secpol.msc
Example4:
The command for starting the desktop, toolbar with the button Start Windows (if SafeOper is active and the desktop is suppressed). It is necessary to restart the computer later on, so as SafeOper is fully functional again.
explorer.exe
Example5:
Start the REG file SafeOperStart.reg or SafeOperStop.reg that activates or inactivates the SafeOper component. It can be done only in the context of the Windows user Promotic, namely in the moment when it is temporarily added into the Administrators group.
SafeOperStart.reg
SafeOperStop.reg
Example6:
Edit text file.
notepad "C:\Pm\Tools\SafeOper\WinXP\AutoStart.bat"
notepad "C:\Pm\Tools\SafeOper\WinXP\SafeOperStart.reg"
© MICROSYS, spol. s r. o.Tavičská 845/21 703 00 Ostrava-Vítkovice