[K12OSN] Limit system access/security

• Messages sorted by: [ date ][ subject ][ author ]
• Next message: Steve "RE: [K12OSN] Open Office/Star Office"
• Previous message: Jack Palmadesso "Re: [K12OSN] New Server"

Well, the boxes have been up for a week, and the time for my big boys (grade 
12s) to get log-ons came a few days ago.

I came in to my room after lunch to find the boys ssh'ed into their boxes at 
home using their Icewm prefs from their home boxes...

They had probably put the server through its paces over lunch, and I found 
tar files in their homes.  So, I closed down their gateway, chmoded 700 to 
ssh, telnet, ftp, ncftp, konsole, gnome-terminal, and ... more but I can't 
remember.  The only way out is relayed through DansGardian and it stops mime 
types for almost everything.  The boys also created custom .icewm holders in 
their homes, so I've chmoded -R these to 700 for the time being.

I tried to stop access to xterm, but this is required for and called by 
gtypist.

I don't really want the students to have access to xterm or any other 
consoles.  I was looking forward to having not to worry about system 
security for another month or so...  Then I'm contemplating moving my 
Information and Technology classes onto the K12LTSP for C++, HTML, and Java. 
  I'll need more features by then, but I wanted a breather for a month or 
so.

I don't want the students to have the ability to transport files into my 
school.  Any advice will be appreciated.  I forgot to restrict scp... oh 
boy...

Jim


_________________________________________________________________
The new MSN 8: smart spam protection and 2 months FREE*  
http://join.msn.com/?page=features/junkmail



_______________________________________________
K12OSN mailing list
K12OSN@redhat.com
https://listman.redhat.com/mailman/listinfo/k12osn
For more info see 

• Next message: Steve "RE: [K12OSN] Open Office/Star Office"
• Previous message: Jack Palmadesso "Re: [K12OSN] New Server"