On 7/10/07, guenther <[EMAIL PROTECTED]> wrote:
> On Sat, 2007-07-07 at 02:58 +0530, Sayamindu Dasgupta wrote:
> > On 7/7/07, guenther <[EMAIL PROTECTED]> wrote:
> > >
> > > > In a deployment scenario, the desktop administrator should ideally be
> > > > able to define a restricted set of directories which users in a
> > > > profile will be able to view. For example, a user may only be allowed
> > > > to view the contents of his home directory and its subdirectories.
> > > [...]
> > >
> > > > Thoughts/comments/suggestions are welcome :-).
> > >
> > > Clearly, this is just about defining "a view", not security related in
> > > any sense of the word, right?
> >
> > No - this is not at all security related.
>
> OK then. You might just as well have ignored the rest of my post in that
> case. :-)

:-)

> >
> > > If you are thinking security, this is the wrong approach. File ownership
> > > and permissions do this, or ACLs. This is not the duty of the graphical
> > > interface to handle and enforce. Can these users log in via a virtual
> > > terminal? Can they launch gnome-terminal, xterm, bash... Or even emacs?
> >
> > No - they cannot. This kind of restriction would be implemented along
> > with the other lockdown options
> > (/desktop/gnome/lockdown/disable_command_line) :-)
>
> Please note that there still are a couple of ways to break out of a
> locked down desktop. Or at least, it has been last time I checked.
>

I admit that there are pretty large holes. I help with a few deployments
myself, and I have seen people getting access through the terminal using
Anjuta (the built-in shell). I think Federico (my mentor in the SoC) knows
someone who is trying to make a list of possible ways through which someone
can gain access to the shell while using the desktop, so we might use that
list to plug in the holes.

Cheers,
Sayamindu

--
Sayamindu Dasgupta
[http://sayamindu.randomink.org/ramblings]

--
nautilus-list mailing list
[email protected]
http://mail.gnome.org/mailman/listinfo/nautilus-list
