On 10/04/2011 03:08 AM, Alan Bourke wrote: > > On Tuesday, October 04, 2011 9:33 AM, "Paul Hill" > <[email protected]> wrote: > >> Or terminal services/remote desktop. Runs just like a local app. >> >> You don't need to provide the whole desktop to the user, you can just >> serve your app. > > We have many sites using TS - it is the only way we support remote > usage. > > The other thing that this approach brings is the ability to 'sandbox' > your application and get around the inherent insecurity of DBF files. > > We have a customer who are very locked-down security-wise, and we had to > pass an audit in this respect. They couldn't have a situation where even > legit users could browse to the application data folder in Windows and > mess around with the DBF files. > > So we set up a special user with the appropriate rights and removed > those rights from the normal Windows logins, thus stopping them being > able to see the DBF files. We then set up a remote desktop connection > set to log in as the special user, and to run our app automatically. We > saved this as a .RDP file and put it on each desktop. So when the user > clicks on it it starts a TS session, logs in as the special user and > runs the app. They don't get a desktop or anything and have no way to > 'shell out'. Once they close the application the TS session terminates. > So it's completely sandboxed. > > I have a large customer on terminal services. Although not perfect, it has been working great for about 10 years. I also have a large application which is a desktop application that connects to a data file server on an internal wide area network. This is the best solution for me. The problem is, I have a small customer that has to have his application on the Internet and he won't listen to reason. I told him to take the application and hire someone to make it into a web application. Problem solved. ;^)
Jeff --------------- Jeff Johnson [email protected] (623) 582-0323 www.san-dc.com _______________________________________________ Post Messages to: [email protected] Subscription Maintenance: http://leafe.com/mailman/listinfo/profox OT-free version of this list: http://leafe.com/mailman/listinfo/profoxtech Searchable Archive: http://leafe.com/archives/search/profox This message: http://leafe.com/archives/byMID/profox/[email protected] ** All postings, unless explicitly stated otherwise, are the opinions of the author, and do not constitute legal or medical advice. This statement is added to the messages for those lawyers who are too stupid to see the obvious.
