------------------- -------------------- Hello Hans! My understanding is a ARJ-SECURED archive just can't be changed in any fashion. If it could be updated it would not be secure. Regards, Gerry --- timEd 1.10+ * Origin: The Mountain Top Genealogy BBS *OH* 513-921-5568 V34+ (1:108/107) --------------- FIDO MESSAGE AREA==> TOPIC: 141 ARJ Ref: ECN00000 Date: 08/17/97 From: HANS MANGOLD Time: 03:06pm \/To: GERRY ELLISON (Read 1 times) Subj: Unknown ARJ Parameter-? Hello Gerry! 17 Aug 97 01:26, Gerry Ellison wrote to Hans Mangold: HM>> If I run "ARJ Z ARJ250A.EXE", which has a security envelope, I get HM>> the error message: HM>> Can't update an ARJ-SECURED archive! HM>> If I run the same command on an archive without security envelope, HM>> for example: HM>> ARJ Z ZTest.arj HM>> I get: HM>> ARJ 2.55c BETA TESTWARE Copyright (c) 1990-97 ARJ Software. May 08 HM>> 1997 GE> -+--+--+--+--+--+-- -+--+--+--+--+--+--- GE> Hello Hans! GE> My understanding is a ARJ-SECURED archive just can't be changed GE> in any fashion. If it could be updated it would not be secure. Gerry, that's fine; I don't have a problem with that. But this is drifting =away= from the original question, which was: What is the purpose of the (undocumented) "Z" command? Cheers, Hans ... BBSing ... time's black hole. --- GoldED/386 2.50+ * Origin: Digital Encounters * Kamloops BC Canada 250/374-6168 (1:353/710) --------------- FIDO MESSAGE AREA==> TOPIC: 141 ARJ Ref: ECN00001 Date: 08/15/97 From: JOHANNES BEEKHUIZEN Time: 06:56pm \/To: MORITZ BARTL (Read 1 times) Subj: Unknown ARJ parameter-? Hello Moritz, On 13 Aug 97, Moritz Bartl wrote to Andrew Belov: MB>>>>> Bad or missing SECURITY key MB>>>>> What's its function? What 'security key' is missing? AB>> There were some discussions about this command in Russia... I think his AB>> parameter is implemented in a commercial version or so, and needs a MB> But a friend has tried it with a registered one. He got the same MB> result. The security key is a feature that you have to buy extra and is not automatically included in the registration. Regards, Hans. --- GoldED/386 2.51.A1026+/2083 * Origin: Moderator gastro.028 (2:281/554) --------------- FIDO MESSAGE AREA==> TOPIC: 141 ARJ Ref: ECP00000 Date: 08/18/97 From: STEPHAN HRADEK Time: 08:32pm \/To: ALL (Read 0 times) Subj: Unknown ARJ Parameter-? Hi! You're discussing for quite a long time about ARJ Z ... I fear none of you has ever read the DOCumentation... HM>> If I run "ARJ Z ARJ250A.EXE", which has a security envelope, I get HM>> the error message: HM>> Can't update an ARJ-SECURED archive! That's okay since Secured ARJives may not be altered HM>> If I run the same command on an archive without security envelope, HM>> for example: HM>> ARJ Z ZTest.arj HM>> I get: ... > >Bad or missing SECURITY key That's okay since you haven't (at least I'm sure you haven't) paid for a security key (RTFM): ARJ_SECURITY ENVELOPE: The ARJ-SECURITY ENVELOPE feature provides a facility similar to other archivers. This feature disallows any type of modification, even commenting, to an ARJ-SECURED archive by ARJ. Moreover, there are additional internal checks to determine if the ARJ-SECURED archive has been modified in any way. *This EXTRA cost feature is* *intended for use by software developers who distribute their* *software in archived format and is only available for a special* *fee.* However, there can be no guarantee that this mechanism cannot be defeated. When accessing an ARJ-SECURED archive, ARJ will display a message indicating that ARJ is verifying the security envelope. If the envelope is damaged, a message will be displayed indicating so. If the envelope is intact, then the ARJ-SECURITY signature of the user locking the archive will be displayed. If the security envelope has been tampered with or the archive has suffered data corruption, ARJ will display a message stating that the security envelope has been damaged. In addition, ARJ will not abort processing the archive. The ARJ "-he" option and the ARJSFX "-s" option will skip the envelope verification. The most likely causes of an invalid envelope are that the file was corrupted in transmission or that the archive was tampered with. --- uuuund wech.... * Origin: ORIGIN.ARJ: thsismycmprssdorgnline (2:2452/180.6) --------------- FIDO MESSAGE AREA==> TOPIC: 141 ARJ Ref: ECQ00000 Date: 08/16/97 From: MORITZ BARTL Time: 11:32am \/To: GERRY ELLISON (Read 0 times) Subj: Unknown ARJ Parameter-? Gerry has told Moritz Bartl someting about "Unknown ARJ Parameter-?": MB>> A friend of mine has tried it in his firm (they have regged ARJ) and MB>> he got the same result. GE> ------------------- -------------------- GE> Hello Moritz! GE> GE> z: supply archive comment file GE> zARC.CMT: use ARC.CMT for comments GE> zNUL: use to strip comments That's not ARJ z (!!) that's ARJ a -zARC.CMT !! //{/{/{/{ Moritz Bartl }\{\{\{\\ --- Lamer Mail v1.6 R * Origin: wherever you go - whatever you do -> (2:2480/56.17) --------------- FIDO MESSAGE AREA==> TOPIC: 141 ARJ Ref: ECQ00001 Date: 08/20/97 From: HANS MANGOLD Time: 03:16pm \/To: STEPHAN HRADEK (Read 0 times) Subj: Unknown ARJ Parameter-? Hello Stephan! 18 Aug 97 20:32, Stephan Hradek wrote to ALL: SH> You're discussing for quite a long time about ARJ Z ... Yes. SH> I fear none of you has ever read the DOCumentation... You fear wrong. SH> That's okay since you haven't (at least I'm sure you haven't) paid for SH> a security key (RTFM): Not quite, Stephan. All you have done is quote a section of the docs dealing with the "ARJ_SECURITY ENVELOPE". I see no reference to the command "Z" in that section. Try again, but this time, I suggest =you= read the fine manual and quote any specific references to the "Z" command. Cheers, Hans ... Ever since I gave up hope, I feel much better! --- GoldED/386 2.50+ * Origin: Digital Encounters * Kamloops BC Canada 250/374-6168 (1:353/710) --------------- FIDO MESSAGE AREA==> TOPIC: 141 ARJ Ref: ECW00000 Date: 08/23/97 From: ANDREW BELOV Time: 01:48am \/To: MORITZ BARTL (Read 0 times) Subj: Re: Unknown ARJ parameter-? Hi Moritz! MB>>>>> Bad or missing SECURITY key MB>>>>> What's its function? What 'security key' is missing? AB>> There were some discussions about this command in Russia... I think AB>> this parameter is implemented in a commercial version or so, and needs AB>> a MB> But a friend has tried it with a registered one. He got the same MB> result. This seems strange to me... I've heard about some "hackers" who tried to make this option work by patching ARJ, but all they got were damaged archives. Maybe this option will be implemented in future (I don't believe it...) Is there an option to create security envelopes for ARJ archives now? I mean the security check which occurs when you install a new version of ARJ. If such an option is missing, then, the 'Z' command is the way to allow it in future. P.S. It looks like standard AV option, available in most archivers, but I have no idea why it is still not implemented. Bye. --- * Origin: Conea Software Mail system - Moscow, Russia (2:5020/181.2) --------------- FIDO MESSAGE AREA==> TOPIC: 141 ARJ Ref: ECW00001 Date: 08/22/97 From: STEPHAN HRADEK Time: 07:34pm \/To: HANS MANGOLD (Read 0 times) Subj: Unknown ARJ Parameter-? Hello Hans! You wrote on 20 Aug 97 to Stephan Hradek: HM> Not quite, Stephan. All you have done is quote a section of the docs HM> dealing with the "ARJ_SECURITY ENVELOPE". Yes. HM> I see no reference to the command "Z" in that section. I _never_ said that Z is documented. HM> Try again, but this time, I suggest =you= read the fine manual and HM> quote any specific references to the "Z" command. If you can't see the connection between: ... !ARJ_SECURITY ENVELOPE". ... and the message from ARJ Z ... "Bad or missing SECURITY key" I can't help you. Sorry for that. To me it's blindingly obvious that ARJ Z will create the SECURITY ENVELOP. --- uuuund wech.... * Origin: ORIGIN.ARJ: thsismycmprssdorgnline (2:2452/180.6) --------------- FIDO MESSAGE AREA==> TOPIC: 141 ARJ Ref: ECX00000 Date: 08/26/97 From: BOB SEABORN Time: 08:36pm \/To: ANDREW BELOV (Read 0 times) Subj: Unknown ARJ parameter-? > archives now? I mean the security check which occurs when you install a > new version of ARJ. If such an option is missing, then, the 'Z' command > is the way to allow it in future. It is the security key, and *DOES* work as advertised. > > P.S. It looks like standard AV option, available in most archivers, but > I > have no idea why it is still not implemented. Sorry, but it does work here, although you need a special registered version of ARJ that's only made available to those who purchased the AV-Security package. Something I did a long time ago. .....Bob --- GEcho/32 & IM 2.50 * Origin: Canadian RegSite for AllFix & Gecho (1:140/12.1)