On 2012 4 19 19:54, "Mike Gabriel" <mike.gabriel@das-netzwerkteam.de> wrote:
>
> Hi,
>
>
> On Do 19 Apr 2012 16:16:09 CEST Terje Andersen wrote:
>
>> Maybe an implementation like the nxacl in FreeNX?
>>
>> Regards,
>> Terje
>>
>
> my vote would rather be using SELinux or AppArmor. I already made an approach on pseudo-ACLs within X2Go, but this would give pseudo-security.
>
> Using SELinux/AppArmor is the far more generic approach.
>
>
Based on the different feedbacks on my proposal, I guess you where mislead by the part 'acl'. The nxacl is a rather misunderstood thing (in my view) that actually are quite great for sysadmins, and others. It's more of a policy tool where one can set policies that are enforced on single users, groups or system as a whole. These policies can also, as an example, enforce settings like which desktop environment a particular group of users should have - regardless of what they set in their clients session configuration. This could also be used to restrict users to only being able to access published applications, if the administrator chooses to.

See here for more information, it's actually a near little feature which is worth a peek:
http://openfacts2.berlios.de/wikien/index.php/BerliosProject:FreeNX_-_HowtoACL

This had nothing to do with filesystem permissions, or ACL. For those who have worked with Group Policies in Active Directory, or Policies in Citrix environments, this should be familiar functionality for you. Something like this would be of use in X2go also in my view, hence my suggestion.

Regards,
Terje