Controlling changes to user settings

Basil Fowler bjfowler at chanzy.fsnet.co.uk
Sun Jan 5 09:20:35 GMT 2003 

A few extra comments.

KDE should be installed system wide by root in either /usr/ or /opt 
directories ( distro dependent ) This provides a locked system.  But in 
addition, each user has a .kde directory in his/her /home directory.  This is 
under the user and that user only's control.  Such thing as backgrounds or 
font sizes can be set individually.   

The user can do what he / she likes within the personal directory, but at the 
worst can only foul up his / her personal nest.  The key files will remain 
untouched.  This is one reason why Linux is virus resitant.

You might also read up about the Red Hat User Private Group system, which 
simplifies the administration of sets of files where only a sub-group of 
users are allowed access.

Remember that Linux is a Unix clone, and Unix was designed from ground up as a 
multi user system.  Such problems of access and control has been encounted 
and solved before Bill Gates had even bought his first Altair, and there was 
no such thing as a GUI.

Indeed many of the features of MS-DOS 2 were poached directly from UNIX!!

Another point - Linux-KDE is rather like the MS-DOS 6 / Windows 3.1 
combination.  The GUI is NOT integrated with the OS ( Linux ).  As JRT says, 
control is applied at the OS level, so you should master the simple console 
commands.  In the case of trouble, it is a relief not to have to the 
additional rigidity and complexity of a GUI to consider. 

In my system I always boot into a text mode console, log in to the console, 
and then start the GUI separately form the command line.

For certain applications, such as servers, a GUI is unnecessary, and it is not 
used.

Hope this helps

Basil Fowler

On Sunday 05 Jan 2003 04:38, James Richard Tyrer wrote:
> Lee W wrote:
> > Hi All,
> > 
> > I am in the process of trying to convince the company I work for to get
> > away from Windows and over to Linux.
> > 
> > One of the concerns my bosses have is that of controlling what users can
> > & cannot do.  Directly they require to be able to control what settings
> > users can change (for those familiar with Windows NT/2000 I think it is
> > called a "Mandatory Profile").
> > 
> > I have already reads the docs on gnomes site and can see that it is able
> > to perform this level of control.  However having looked at KDE's site
> > and the docs as well as searching the list archives I cannot find any
> > information on these sorts of features.
> > 
> > Does anyone know if this level of control is possible with KDE.
> > 
> A great deal of the control you need is available in Linux.
> 
> If the files and directories you want to control are owned by 'root:root', 
you can prevent the 
> user from writing to them.
> 
> In a directory, no write permission means that the user account can NOT add 
or delete files.
> 
> If a configuration or: "*.desktop" file is root:root:644, the user can use 
the file but can NOT 
> modify it.
> 
> Note that there are a few KDE configuration files that must have user write 
permission but most 
> of them can be locked down.
> 
> --
> JRT
> 
> ___________________________________________________
> This message is from the kde mailing list.
> Account management:  http://mail.kde.org/mailman/listinfo/kde.
> Archives: http://lists.kde.org/.
> More info: http://www.kde.org/faq.html.
> 
> 

___________________________________________________
This message is from the kde mailing list.
Account management:  http://mail.kde.org/mailman/listinfo/kde.
Archives: http://lists.kde.org/.
More info: http://www.kde.org/faq.html.

More information about the kde mailing list