[plug] Prevent downloads
Kai
vk6ksj at westnet.com.au
Thu May 8 14:05:33 WST 2003
I haven't been following this thread too much but if the machines are
running Windows ("even Outlook Express type mail" leads me to believe
they are); use something like WinSelect to disable saving anything, if
the machines are using Linux I know there's a HOWTO somewhere that tells
you how to customise the desktop so on boot the only thing that's loaded
is a browser Window and no access is available to the desktop at all.
I think it's here somewhere -
http://www.linux.org.au/LDP/HOWTO/HOWTO-INDEX/howtos.html
James Elliott wrote:
> The PC's in the Telecentre in question need to access Hotmail for tourists
> and the Internet on a Read and (maybe) Print only basis .... there is no
> need to download any executable file ....but school kids are doing it !
>
> So the question is "How to browse the Internet, including Hotmail, without
> allowing users to download files" - even Outlook Express type mail is not
> needed, just web mail like Hotmail.
>
> James Elliott
> ----- Original Message -----
> From: "Craig Ringer" <craig at postnewspapers.com.au>
> To: <plug at plug.linux.org.au>
> Sent: Thursday, May 08, 2003 11:42 AM
> Subject: Re: [plug] Prevent downloads
>
>
>
>>>What is it that you can
>>>impose a 0 byte limit on? Is it based on MIME types and trust in the
>>>host web server to deliver truthful/correct MIME types?
>>
>>Arrggh. I wouldn't even think about that. The number of servers that
>>send text/plain for:
>>.bz2
>>.arj
>>.deb
>>.rpm
>>and (most worrying perhaps that I've encountered)
>>.pdf
>>is scary.
>>
>>Now, to be strictly accurate, a 0byte limit on dl sizes would be /very/
>>effective indeed. Unfortunately, I don't think the side-effects would be
>>overly desireable (no web access at all).
>>
>>
>>>Unless these people need to view PDF files...or games disguised as PDF
>>>files :)
>>
>>Flash games are another issue. Personally I'm happy they're around,
>>because when someone brings their child into work and sits them down on
>>a 'doze box, they can happily potter out to their favourite site and
>>play things WITHOUT MESSING WITH THE COMPUTER. (there's just no way of
>>stopping them doing this, they just don't understand that children may
>>install things that cause problems - and locking down win98 isn't a
>>practical option).
>>
>>
>>>Perhaps
>>>http://www.rsbac.org/? Perhaps the simplest method could be to put all
>>>user-writeable areas (incl. /tmp, /var/tmp, /home, etc) into mount
>>>points that don't have binary execution privileges. Can't prevent
>>>downloading, but would prevent execution (albeit with possibly
>>>unintuitive error messages?).
>>
>>Actually, "permission denied" is almost exactly the error I'd want.
>>Other than "quit trying to use the PCs for gaming you little turd" of
>>course *grin*
>>
>>Unfortunately, I think the question was about 'doze clients, so I'm not
>>entirely sure why its on PLUG. Whatever.
>>
>>
>>
>
>
>
>
More information about the plug
mailing list