Re: GLF- Gnome Lockdown Framework

From: Mark McLoughlin <mark skynet ie>
To: arch enterprise hb se
Cc: Desktop Devel <desktop-devel-list gnome org>
Subject: Re: GLF- Gnome Lockdown Framework
Date: Tue, 02 Mar 2004 17:05:02 +0000

Hi,

On Tue, 2004-03-02 at 09:57, arch enterprise hb se wrote:
> > Desktop lockdown has been discussed previously on this list (google for
> > the discussion), and some people have already added gconf keys for this
> > and started implementing it. 
> >
> 
> I'm well aware that lockdown features have been previously discussed and
> declared as somehing that is *needed* (see eg
> http://mail.gnome.org/archives/desktop-devel-list/2003-October/msg00357.html),
> but there seems to be no *framework* or *standards* settled. Concerning
> implementations, are they done with a policy tool in mind that allows for
> setting per-group, per-user or default policies/permissions?

	You have the right idea, but I think you're coming at the problem from
the wrong angle.

	Basically, what you want is for a system administrator to be able to
define a users settings based on that user's role, right?

	Here's where I think you're missing some fundamental concepts about
GConf:

  + Any setting/preference can be locked down - so why define another 
    framework on top of GConf specifically for settings which we feel
    are "lockdown" settings?

  + Any support for locking down settings based on role/user/group or 
    machine should be done using backends rather than another framework
    on top of GConf. e.g.

      - We already have hacky ways of doing this - say[1] you have two
        sets of people in an organisation and all users had the
        $SOCIAL_STATUS env variable set to either "drone" or 
        "big_bucks_manager" accordingly.

        A sysadmin could then deploy two sets of defaults/mandatory
        GConf databases and change the GConf to use the appropriate
        defaults based on the users $SOCIAL_STATUS. i.e.

        Have, the following distinct set of defaults:

           /mnt/acme.com/drone/gconf.xml.defaults
           /mnt/acme.com/drone/gconf.xml.mandatory
           /mnt/acme.com/big_bucks_manager/gconf.xml.defaults
           /mnt/acme.com/big_bucks_manager/gconf.xml.mandatory

        and setup /etc/gconf/2/path to something like:

            xml:readonly:/mnt/acme.com/$(ENV_SOCIAL_STATUS)/gconf.xml.mandatory
            xml:readonly:/etc/gconf/gconf.xml.mandatory

            xml:readwrite:$(HOME)/.gconf

            xml:readonly:/mnt/acme.com/$(ENV_SOCIAL_STATUS)/gconf.xml.mandatory
            xml:readonly:/etc/gconf/gconf.xml.defaults

        With a setup like this, you could easily do something like 
        funnel the drones through one proxy server (and not allow them
        to change it) and funnel the managers through another, more
        lightly loaded proxy server (and allow them to change) it.
        And then if someone gets promoted, you change their 
        $SOCIAL_STATUS.

      - A solution[2] that wouldn't be a hack would be a new GConf 
        backend that pulls a users default/mandatory settings from LDAP
        based on that users identity. You could then have a nice tool
        for setting up these defaults on a per-role or per-user basis.

Good Luck,
Mark.

[1] - I'm just being very hypothetical - I wish we had some docs on how
to apply ideas like this to real use cases.

[2] - I seem to recall some big company doing something like this. But
it was proprietary. Suck. I can't remember offhand who that was
though...

Follow-Ups:
- Re: GLF- Gnome Lockdown Framework
  - From: arch

References:
- GLF- Gnome Lockdown Framework
  - From: arch
- Re: GLF- Gnome Lockdown Framework
  - From: Alexander Larsson
- Re: GLF- Gnome Lockdown Framework
  - From: arch

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]