Hi again, Tom has provided a lot of useful input on the issues we've been discussing with regards to data management configuration for educational applications. However, when I was on IRC there were 3 different people who independently said some of these issues are being thought about. Now would be a great time to share those thoughts :-).
Just to re-cap, here are the main issues as I see them: 1. Many elementary/primary schools don't run with real user accounts, because little kids have a hard time with things like typing passwords. So all students use the same password-less login, often with username "student". Thus, educational applications needing to store per-kid data have to come up with a standard way of doing that. Beyond starting each application with a GUI that allows the kid to select him/herself from a list, the main issues are how to store the data. 2. One proposal (that I advanced) is simply a directory tree, put in a standard place, that could be used by all applications. In my version of the implementation, these directories would have little or no security. (One exception: if the school is using real user directories, we would of course make use of those.) 3. Tom proposed LDAP or web services. I've always thought of LDAP mainly as a method of easing sysadmin burdens by allowing the same passwords to be used on any machine, but through reading this weekend I've begun to better appreciate Tom's suggestion---if I understand correctly, we could use LDAP or web services to manage access to particular directories that are otherwise off-limits to more general applications. Is that correct? If so, is the enhanced security worth any troubles in terms of installation or management? I don't have personal experience with LDAP, but have heard a few concerns voiced about its complexity. (For example, my lab's sysadmin spent a week trying to switch our computers to logging in via LDAP, and reverted to just setting up everyone's password on every machine.) Perhaps some of the trouble is really a configuration issue, and we could smooth over that by providing software that insulates the user from the technical details? Would cross-platform (Mac, Windows, and even BeOS) be a problem? Overall, how much of a problem is security? At the elementary school level, I tend to think it may not be a big problem---the kids aren't very technically savvy, and without individual password-protected user accounts there is a limit as to how much one can really insure security. But others might disagree, and in any event it's worth asking whether similar issues arise at higher grade levels. What advice do the rest of you (including Tom, of course) have to share? --Tim
-- edubuntu-devel mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/edubuntu-devel
