Thanks for the detailed reply... I especially like the checksum trick!--think I'll try that. I have my xterm chmod 700, so I'm not worried much about that, they could SSH into it if they really wanted to dig anyway. I guess I'm trying to limit it to only the really smart kids by doing something like this...
I figured, Windows is easily locked with reghacks (and easily cracked, I might add, yes I know :-), wouldn't it be handy if Linux had an alternative? The overall drift I get is, "forget it it's not worth the trouble"... So... I guess that's what I'll do. :-) [EMAIL PROTECTED] writes: > >> Thanks for the replies I've gotten so far... From them I guess I didn't >> really express clearly what I'm trying to do.. Even being somewhat new >> still to Linux I realize that with the permissions set right the users >> *shouldn't* be able to seriously mess things up like on a windows >machine > >*** That's right (and of course keeping up to date with relevent patches). > >> I just don't want them poking around... how does the expression go >> "ignorance is bliss." ... ? Some people think I'm extreme for this but >> on my windows machines here (particularly lab computers), > >*** I see this alot and is 'natural'. Associating Windows behavior with >Linux. They really dont mix. > >> the c: drive is >> hidden entirely... All they can see is the programs they can run, their >> network drive and the disk drive... (and that's all they need to see). > >*** You think so? ... until some clever kid figures he might be able to >overwrite the Paintbrush program with a "command.com" he downloaded from >the net then launch it by clicking that convienient "Paint brush" menu >choice on his desktop. > > >> That's kind of the same thing I want to do with a graphical shell on >> Linux. Maybe it's totally not worth my while to bother with it... >(hence >> all my references to "practicality"). I would love it if there were a >> file manager program out there that would allow me to set its root >> directory to the user home directory, for example. > >*** It really isnt worth the extended effort. Even if you find such a file >manager graphical shell the smart kid will simply launch a program that >has a "run" option (like StarOffice) and type "xterm" .. viola. Make sure >your permissions are set appropriately, and apply relevent patches and you >should be ok. One other thing I do is something like this (for each >partition): > >cd /usr >find . -xdev -type f | xargs -n 1 md5sum > /root/usr-md5.log > >do the same for / as well. This gives a md5 checksum for every file on >that partition. I then backup the usr-md5.log just-in-case. Then if I >"worry" my machine may have been compromised I simply run the same >commands and compare the two md5 checksums to find out which files have >changed, deleted or have been added. > > > > > > >> >> Maybe I'm just rambling and still not getting out what I want, I dunno. >> It was worth a shot. >> >> [EMAIL PROTECTED] writes: >> >Hi All, >> > >> >I would like to make my users have access to some sort of graphical >shell >> >/ filemanager (which term is more correct?)... Kind of like windows >> >explorer, only I don't want them to have easy access to the server's >> >directory tree. (Since most of them are teenage kids and some of them >> >like to try and "break things") . >> > >> >Any advice how to go about this? >> > >> ><Shot in the dark>: Is it possible (and practical) to use Nautilus or >some >> >other program and set it up in some sort of "chroot jail" (quoting from >> >Linux Magazine) so that they get a "My documents" window with correct >file >> >associations (word docs to open office, jpgs to an image viewer, etc) >but >> >no easy access to outside directories? Anybody done this or can help >me >> >figure out how to do it for several hundred users? (the practical >aspect). >> > >> >I'm currently running IceWM over GDM on RH 7.2. >> > >> >I know they can find ways to get around something like this, but I'm >just >> >trying to make it not so straight forward... while still providing for >> >some measure of convenience O:-) >> > >> >Thoughts? TIA >> > >> >________________________________________ >> >David M. Leuser, II * Assistant Network Administrator >> >New Hampton School * PH/Fax Direct: (603) 677-3451 >> >77 Main Street * New Hampton, NH 03256 >> >- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - >> >"I'm sorry if the correct way of doing things offends you" -- The Unix >> >game of Fortune >> > >> > >> > >> >------------------------------------------------------- >> >This SF.NET email is sponsored by: >> >SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! >> >http://www.vasoftware.com >> >_____________________________________________________________________ >> >Ltsp-discuss mailing list. To un-subscribe, or change prefs, goto: >> > https://lists.sourceforge.net/lists/listinfo/ltsp-discuss >> >For additional LTSP help, try #ltsp channel on irc.freenode.net >> >> >> >> ________________________________________ >> David M. Leuser, II * Assistant Network Administrator >> New Hampton School * PH/Fax Direct: (603) 677-3451 >> 77 Main Street * New Hampton, NH 03256 >> - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - >> "I'm sorry if the correct way of doing things offends you" -- The Unix >> game of Fortune >> >> >> >> ------------------------------------------------------- >> This sf.net email is sponsored by:ThinkGeek >> Welcome to geek heaven. >> http://thinkgeek.com/sf >> _____________________________________________________________________ >> Ltsp-discuss mailing list. To un-subscribe, or change prefs, goto: >> https://lists.sourceforge.net/lists/listinfo/ltsp-discuss >> For additional LTSP help, try #ltsp channel on irc.freenode.net >> > ________________________________________ David M. Leuser, II * Assistant Network Administrator New Hampton School * PH/Fax Direct: (603) 677-3451 77 Main Street * New Hampton, NH 03256 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - "I'm sorry if the correct way of doing things offends you" -- The Unix game of Fortune ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _____________________________________________________________________ Ltsp-discuss mailing list. To un-subscribe, or change prefs, goto: https://lists.sourceforge.net/lists/listinfo/ltsp-discuss For additional LTSP help, try #ltsp channel on irc.freenode.net
