[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [seul-edu] App idea: classroom permissions manager



Tonnesen Steve wrote:

> What I would _REALLY_ like to see is better (more fine-grained) file
> permissions so that I could allow/disallow individual students from
> running a program through the file permissions.  As it is now, I can only
> allow a disallow a group of students to run a program and add all the
> students to that group (and changes to group membership don't take effect
> until the next login).

What you're talking about is ACLs (access control lists).  This is a standard
requirement for systems above the Red Book level of C2 (that's a US military data
security classification).  I don't know if anyone has a functional implementation of
ACLs on Linux yet, although there was talk of something termed "capabilities" a while
ago, although I didn't follow it closely.  If I get a chance I'll find some references
to that stuff and post them for your perusal.

--
Doug Loss                 God is a comedian playing
Data Network Coordinator  to an audience too afraid
Bloomsburg University     to laugh.
dloss@bloomu.edu                Voltaire