I take it that the 'clients' are Windows 95/98/ME .... or DOS with a GUI made to look as if its not DOS. Its not really preemptive multitasking.... and of course, as you have discovered, it has no local security - only a veneer that gives an impression of security via 'policies' either applied locally (and indivually) or globally via an NT domain. Is it possible to -remove- explorer and place it on the server where you can deny/allow execute access? ----- Original Message ----- From: Darren Garside <darren.garside1@virgin.net> To: Suse <suse-linux-uk-schools@suse.com> Sent: Sunday, February 11, 2001 7:41 PM Subject: [suse-linux-uk-schools] Disabling the 'windows' key
I'm doing the samba (ver. 2.0.5) at the moment and enjoying myself. I've set samba up as my NT login controller and used policy editor to disable access to windows unless properly logged in. I'm feeling good, I think I have secured access to the workstations. Within ten minutes of this new setup one of my more persistent Y6's have circumvented the whole setup by hitting the windows key (or CTRl-ESC) and running explorer from the task manager. Once the login window is dragged out of the way the children have unfettered access to the local harddrive.
1) How can I disable the windows key/CTRL-ESC shortcut? 2) Is there any way to limit access to the local harddrive even when someone is legitimately logged on?
Running a Suse 6.4 server, on a 10-client win95 network, using samba for shares.
Many thanks
Darren Garside Freshford Primary School Bath