[X2Go-Dev] Published Applications
Terje Andersen
teranders at gmail.com
Fri Apr 20 01:26:57 CEST 2012
On 2012 4 19 19:54, "Mike Gabriel" <mike.gabriel at das-netzwerkteam.de> wrote:
>
> Hi,
>
>
> On Do 19 Apr 2012 16:16:09 CEST Terje Andersen wrote:
>
>> Maybe an implementation like the nxacl in FreeNX?
>>
>> Regards,
>> Terje
>>
>
> my vote would rather be using SELinux or AppArmor. I already made an
approach on pseudo-ACLs within X2Go, but this would give pseudo-security.
>
> Using SELinux/AppArmor is the far more generic approach.
>
>
Based on the different feedbacks on my proposal, I guess you where mislead
by the part 'acl'. The nxacl is a rather misunderstood thing (in my view)
that actually are quite great for sysadmins, and others. It's more of a
policy tool where one can set policies that are enforced on single users,
groups or system as a whole. These policies can also, as an example,
enforce settings like which desktop environment a particular group of users
should have - regardless of what they set in their clients session
configuration. This could also be used to restrict users to only being able
to access published applications, if the administrator chooses to.
See here for more information, it's actually a near little feature which is
worth a peek:
http://openfacts2.berlios.de/wikien/index.php/BerliosProject:FreeNX_-_HowtoACL
This had nothing to do with filesystem permissions, or ACL. For those who
have worked with Group Policies in Active Directory, or Policies in Citrix
environments, this should be familiar functionality for you. Something like
this would be of use in X2go also in my view, hence my suggestion.
Regards,
Terje
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.x2go.org/pipermail/x2go-dev/attachments/20120420/da79d659/attachment.html>
More information about the x2go-dev
mailing list