Re: Restricted view of the filesystem



On Sat, 2007-07-07 at 02:58 +0530, Sayamindu Dasgupta wrote:
> On 7/7/07, guenther <guenther rudersport de> wrote:
> >
> > > In a deployment scenario, the desktop administrator should ideally be
> > > able to define a restricted set of directories which users in a
> > > profile will be able to view.  For example, a user may only be allowed
> > > to view the contents of his home directory and its subdirectories.
> > [...]
> >
> > > Thoughts/comments/suggestions are welcome :-).
> >
> > Clearly, this is just about defining "a view", not security related in
> > any sense of the word, right?
> 
> No - this is not at all security related.

OK then. You might just as well have ignored the rest of my post in that
case. :-)


> > If you are thinking security, this is the wrong approach. File ownership
> > and permissions do this, or ACLs. This is not the duty of the graphical
> > interface to handle and enforce. Can these users log in via a virtual
> > terminal? Can they launch gnome-terminal, xterm, bash... Or even emacs?
> 
> No - they cannot. This kind of restriction would be implemented along
> with the other lockdown options
> (/desktop/gnome/lockdown/disable_command_line) :-)

Please note that there still are a couple of ways to break out of a
locked down desktop. Or at least, there were last time I checked.

  guenther


-- 
char *t="\10pse\0r\0dtu\0  ghno\x4e\xc8\x79\xf4\xab\x51\x8a\x10\xf4\xf4\xc4";
main(){ char h,m=h=*t++,*x=t+2*h,c,i,l=*x,s=0; for (i=0;i<l;i++){ i%8? c<<=1:
(c=*++x); c&128 && (s+=h); if (!(h>>=1)||!t[s+h]){ putchar(t[s]);h=m;s=0; }}}



