[Kde-kiosk] kmail
Ask Holme
ask at eternal-newbie.dk
Sun Jun 27 16:02:02 CEST 2004
Segedunum <segedunum at actuaria.co.uk> wrote:
>
> The problem is that users still have access to the files. This is like trying
> to lock down Windows 9x (or any version of Windows) or trying to jump on
> every single mole hill in a field. It just isn't a secure enough and it will
> come back and bite you as there is always a way around it. Permissions at the
> source, perhaps in combination with action restrictions, is the way to go
> here.
Well my users can also use their browser or document editor to make a
script that copies /usr/kde/3.2 to their own homedir removes the
lockdown symbols and then runs kde with a different KDEDIR environment
variable..... Security does not extend beyond unix permissions. And if
the programs in question cannot handle the permissions an admin want (in
the question is was clearly stated that making root own the mails would
cause kmail til crash) then the admin has 2 choices, 1. is to code hack
kmail so it won't crash. 2. is to go for the 2. best solution and lock
the obvius ways - offcourse the 2. way won't be bullet proof, but it
will lock off most people. anyway the pop3 cronjob solution is allso a
nice alternative.
--
Ask Holme
"<+lisa`> well, sometimes, when the moon is right i like to print out
the source code to the Linux kernel, scatter them on the floor, lube
myself up and roll around in the printed code."
More information about the kde-kiosk
mailing list