Am Mittwoch, 28. Mai 2003 13:32 schrieb Buchan Milne:
> Mostly ... just remember to link new documents in some place logical, I
> couldn't easily find your cooker howto in the Wiki, so I made a link to
> it in the testing task for 9.2.
>
> But it seems its mostly you, me and Austin at present. Others should
> feel free to add stuff, particularly in the feature requests at this
> stage ... if you don't have write access, mail your stuff to the list
> and someone will pick it up, but please read the current feature
> requests first.
>
> Regards,
> Buchan
>
Nice work Buchan et al .
*** "Make dialup for user more easy" ****
Here maybe some informations are usefull:
For modem several ISP should be easy by using peer-scripts as descriped in
"man pppd" in the security section and :
"call name
Read options from the file /etc/ppp/peers/name. This file may
contain privileged options, such as noauth, even if pppd is not
being run by root. The name string may not begin with / or
include .. as a pathname component. The format of the options
file is described below."
For isdn and isdn4net it is possible by different files in
/etc/isdn/profiles/link/ and some additional work. I can here a) add an
easier method to isdn4net or translate my article from documentation section
in the Clubs board (currently german) or both.
For adsl it is not that often used to have different ISP I guess, alltough it
should for pppoe be possible to use the same way like with modem.
For all above I guess there is a group pppuser needed and the
pppd/devices/ipppd/devices should be owned by that group. So dialup for user
is secure and possible for user. If wished I can tie up some more specific
information for this.
*** "remove/insert super-user menu items and icons" ***
I don't think it usefull to remove all superuser icons and links rigerous on
all user accounts. A big number of users are there own admin. This would lead
them more to login as root, instead login as user and su. A way both sides
could be happy is to be able specify a user , who is responsible for the
system. This user could get all the configuration icons and so on. Further
this user should get the system mail (security warnings etc) This maybe could
be ready configured in standard applications. The other users wouldn't get
all the icons. I guess this setup fits nice in real wrld usage. It have to be
possible to specify no such a user at all, since there are administered
networks there no such user have to exist.
*** "Better Network Configuration" ***
mandrake should contain an easy configurable firewall for all connection types
at least for standard setups. This means that at least the outside interface
is good secured (net) and the intern is not bloacked at all (loc) Since often
the firewall machine is either used as workstation and router for other
machines or is standalone, these cases need attention too.
Maybe with fuser or similar open ports could be detected and the application
be named and it could be asked if the should be allowed for outside. This
would it make easy for newbies to secure their machine nice.
*** RandR ***
What I have not found yet is a RandR applet for KDE. Has someone experience
here yet. How functional is RandR support yet ? This would be a nice thing to
have.
My thought while reading the list. Since I have nno write access, it would be
nice to quote usefull things out my mail :)
Unrelated to that:
It would be nice to add support for pppdcapi to drakconnect. Since I don't
know how difficult this is i don't know if it will be done. I can write some
stuff down if someone wants to have a look at it. It is just a matter of
adding login information in a template file. A tool to connect with this sort
of dial-up is linesrv /LineControl or other apps there one can add user
defined scripts for connect a pppd connection.
Hope above is not to much to read , thanks for reading till here ;)
Regards
Steffen
