-tictech message:
Tony,
Why are you guys so worried about the Finder?
Kirk
On Monday, May 6, 2002, at 11:41 PM, Anthony Hand wrote:
> -tictech message:
>
> Dear Folks,
>
> There has been some concern about security issues associated with the
> use
> of the Mac OSX operating system in our schools. We share some of these
> concerns at Hale and have carefully secured our machines to operate on
> OS9
> only, pending release of additional security measures by Apple. However,
> only a little study was required to realize that securing OSX was within
> the reach of personnel who possess a basic background in UNIX and some
> understanding of security issues. Furthermore, because almost all of
> these
> configurations are scriptable, easily securing OSX is potentially within
> the reach of everyone...assuming someone provides a script, disk image
> or
> GUI installer.
>
> Our prototype completely restricts the command line, prohibits all
> browsing of the harddrive, eliminates the the Finder's capabilities,
> removes the ability to connect to other networked machines via the "Go"
> menu, prohibits changes to global preferences, confines launching of
> applications to the dock, and recopies the entire user environment on
> each
> login. This latter function allows the user to make some changes to
> their
> environment during their session without compromising the system for the
> next user. All of this was done from the command line, and required no
> additional software.
>
> Some of these restrictions are rather severe in my opinion and we hope
> to
> safely restore some of the capabilities which we've eliminated. But our
> configuration does allow students to safely use OSX and experience
> something of its "look and feel", take advantage of its stability, and
> use
> the new OSX applications.
>
> If you're interested, complete documentation for how this was done is
> located at:
>
> http://hale.ssd.k12.wa.us/~tonyh/osx-secure.html
>
> *** tony
>
> ---------------------------
> Tony Hand
> tghand@seattleschools.org
> Technology Coordinator
> Nathan Hale High School
> Seattle School District
> ---------------------------
>
> -end tictech message. To join, leave, or visit
> the message archive, go to tictech on the Web:
> http://www.earthdaybags.org/tictech/
>
_____________
Kirk Godtfredsen
kirkg@apple.com
206-860-0714
-end tictech message. To join, leave, or visit
the message archive, go to tictech on the Web:
http://www.earthdaybags.org/tictech/
This archive was generated by hypermail 2b29 : Wed May 08 2002 - 07:58:04 PDT