Den 20. april 2012 08:26, skrev Moritz StrĂ¼be:
Am 20.04.2012 01:26, Terje Andersen schrieb:
This had nothing to do with filesystem permissions, or ACL. For those who have worked with Group Policies in Active Directory, or Policies in Citrix environments, this should be familiar functionality for you. Something like this would be of use in X2go also in my view, hence my suggestion. Due to the way x2go works this would install pseudo-security. It was hard work getting rid of that in x2go and significantly improving the overall security in x2go by doing so. Therefore, if you see your suggestion as a way of distributing different configurations to different clients, it might be worth a second thought, as it saves one from having to mess with user rights when distributing. If you want to keep someone from running a certain application, this is the wrong way.
Hi Morty and list,
My suggestion was about enforcing configuration, yes.
I'm sorry that I didn't explain my point good enough in my previous email, but if you look at the page I linked to, you will hopefully see the value in something like the (wrongfully named) nxacl.
http://openfacts2.berlios.de/wikien/index.php/BerliosProject:FreeNX_-_HowtoA...
This is similar to what NoMachine calls User Profiles which consists of rules (in their terminology). http://www.nomachine.com/documents/admin-guide.php (chapter 8)
In my view, being able to enforce or restrict
- what kind of session the user(s)/group(s) should be able to access/use
- what kind of bandwidth (LAN/WAN/ADSL/dialup)
- printing for certain user(s)/group(s)/server(s)
- clipboard - only at server or client
- use of shared folders (for the x2go session)
- many more possibilities
... is valuable.
If it should be implemented, that's not for me to say (although I would love it if it was), it was a suggestion on how to solve this question:
"2) Is the a way to configure x2oserver to accept only "published applications" without any desktop environment ?"
Best regards, Terje