Hi Craig,
just thank's a lot for that idea:
Craig Ringer schrieb:
On Mon, 2004-11-01 at 20:27, Jaime wrote:
I work in a publish school in the US and am considering LTSP for our younger students. The problem is, a significant number of them have paperwork from their parents that forbid them from using the Internet while allowing them to use computers in general. The way that we do this on our Macintosh systems is to sort students into two "workgroups." One of them doesn't allow the user to launch certain programs, e.g. web browsers, FTP clients, etc. while the other one does.
If you want to control execute permissions, other have answered that (and you also have ACL support in modern Linux as another option).
You do have another option regarding access control at the network level, though - iptables per-user filtering. Check out the 'owner' iptables module, specifically the --uid-owner and --gid-owner restrictions.
That way, even if they do manage to run a the browser, they won't get very far.
I've got a solution with that running, it drops all outgoing traffic for a certain class. My solution is a combination of a little app that makes it possible for the teacher to choose a class for blocking and to unblock it later, and a script which actually sets the barriers.
There's only one drawback: all students must be logged in when applying the barrier as for some unknown reason, no one (of those blocked) will be able to log in with the block set (KDE login fails). But this doesn't bother us here, otherwise it seems to run well up to now.
Rolf
-------------------------------------------------------
This SF.Net email is sponsored by: InterSystems CACHE
FREE OODBMS DOWNLOAD - A multidimensional database that combines
robust object and relational technologies, making it a perfect match
for Java, C++,COM, XML, ODBC and JDBC. www.intersystems.com/match8
_____________________________________________________________________
Ltsp-discuss mailing list. To un-subscribe, or change prefs, goto:
https://lists.sourceforge.net/lists/listinfo/ltsp-discuss
For additional LTSP help, try #ltsp channel on irc.freenode.net
