-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Monday 03 December 2001 4:11 pm, Michael Brown wrote:
It always irritates me when I have to use a system on which the user interface has been locked down in the interests of 'security'. This is, as far as I can tell, a practice that originates from the days of Windows 95, when you had to lock down the user interface simply because the underlying system didn't provide any security itself. This is not the case with Linux; even if you leave the full user interface exposed there is very little that users can do that will affect anything beyond their own personal settings.
Absolutely true. But would you really want users changing their personal settings (and possibly making a mess -> wasted time for the administrator) when they could be doing more productive things?
We have had no problems with providing "unlocked" user interfaces to both primary- and secondary-age students on both Linux and WinNT platforms. Not a single issue has yet arisen due to students playing around with settings, in over four years.
I personally find that very interesting -- and I doubt it would be that simple in most places. Certainly from my experience, just leaving it like that would be a recipe for disaster.
For the record, and because it's mildly relevant to this discussion, we are currently creating a policy-type configuration tool. The idea is that you don't bother to configure any individual computers on the network (even servers); instead you create configuration rules from which every computer can derive their configuration. For example, you create a rule that says "the proxy server is SERVER1". From this, SERVER1 knows that it must install and start up Squid. Simultaneously, all the other computers on the network know that they must set SERVER1 as the proxy server for all installed browsers. Please note *all* computers and *all* browsers: this rule would apply to Konqueror, Netscape, Galeon, Opera, MSIE, lynx, etc. - the same configuration rule applies to multiple different pieces of software across multiple platforms.
Sounds like a very interesting project. I look forward to trying it out :) - -- Cheers, Chris Howells -- chris@chrishowells.co.uk, howells@kde.org Web: http://chrishowells.co.uk, PGP key: http://chrishowells.co.uk/pgp.txt KDE: http://www.koffice.org, http://edu.kde.org, http://usability.kde.org - -- Cheers, Chris Howells -- chris@chrishowells.co.uk, howells@kde.org Web: http://chrishowells.co.uk, PGP key: http://chrishowells.co.uk/pgp.txt KDE: http://www.koffice.org, http://edu.kde.org, http://usability.kde.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE8C8YwF8Iu1zN5WiwRAj0CAKCZpdDdir7q2oZT3EYZvX1776jNdQCcDEXV yYsoOCKR8N+MyIcQwJIELuI= =f7d8 -----END PGP SIGNATURE-----