
List:       ltsp-developer
Subject:    Re: [Ltsp-developer] localapps whitelist options
From:       Gideon Romm <gideon () symbio-technologies ! com>
Date:       2008-12-10 22:51:05
Message-ID: 1228949465.14544.351.camel () bart ! nr ! symbio-technologies ! com

Well, for your OPTION #1, we can always take just the first argument of
LTSP_COMMAND as the executable.  That is, if [ "$cmd" = "$(echo
"$LTSP_COMMAND" | cut -d\  -f1)" ]; then ....

That should work (unless the command is prefixed with sudo or some other
helper).


In other LOCAL_APPS news....

I would like to rework the LOCAL_APPS_MENU stuff such that one can
either have the LOCAL_APPS_MENU automatically generated from
all .desktop files, or one can specify: LOCAL_APPS_MENU_ITEMS =
"firefox, skype, blah"  so only those .desktop files are included in the
menu.

-Gadi

On Wed, 2008-12-10 at 17:11 -0500, Warren Togami wrote:
> <Unspecified individual> wants the ability to lock down LTSP hybrid 
> clients to run only specified applications with ltsp-localappsd.  I 
> believe upstream might be good with an optional whitelist that is 
> disabled by default.  Vagrant agrees.
> 
> OPTION 1: ALLOW ONLY SINGLE COMMANDS
> ====================================
> LOCAL_APPS_WHITELIST="/usr/bin/xterm /usr/bin/gcalctool"
> # This option comes from lts.conf.
> allowed=false
> for cmd in $LOCAL_APPS_WHITELIST; do
>      if [ "$cmd" = "$LTSP_COMMAND" ]; then
>          allowed=true
>          break
>      fi
> done
> if $allowed; then
>      echo "Executing $LTSP_COMMAND"
> else
>      echo "Rejecting $LTSP_COMMAND"
> fi
> 
> This would be the easiest to implement and confirm that it works in a 
> secure fashion.  The key drawback however is it is impossible to run 
> multi-word commands like:
> 
> ltsp-localapps /usr/bin/gimp /home/username/test.jpg
> 
> Perhaps this is not bad, because you can do this in the default 
> configuration where any application is allowed to be executed.
> 
> OPTION 2: PASS ALL OPTIONS TO A POLICY ENFORCEMENT SCRIPT
> =========================================================
> Alternatively, a lts.conf option could direct ltsp-localappsd to pass 
> the entire command line to an arbitrary wrapper script.  That script 
> internally decides if something should be executed or not.
> 
> ltsp-localapps /usr/bin/gimp /home/username/test.jpg
> (received by ltsp-localappsd)
> (executes)
> /usr/bin/arbitrary-localapps-wrapper /usr/bin/gimp /home/username/test.jpg
> (internally decides it is OK to execute this)
> (runs it)
> 
> Any opinions about which path we should take, or any better ideas?  I'm 
> leaning towards #1 because it is far simpler and self-contained.  Or 
> perhaps we do #2, with #1 as the simple provided policy wrapper.  The 
> deployer can decide to replace the wrapper script?
> 
> Warren Togami
> wtogami@redhat.com
> 
> ------------------------------------------------------------------------------
> SF.Net email is Sponsored by MIX09, March 18-20, 2009 in Las Vegas, Nevada.
> The future of the web can't happen without you.  Join us at MIX09 to help
> pave the way to the Next Web now. Learn more and register at
> http://ad.doubleclick.net/clk;208669438;13503038;i?http://2009.visitmix.com/
> _____________________________________________________________________
> Ltsp-developer mailing list.   To un-subscribe, or change prefs, goto:
>       https://lists.sourceforge.net/lists/listinfo/ltsp-developer
> For additional LTSP help,   try #ltsp channel on irc.freenode.net
-- 
--------------------------------------------------------
Gideon Romm | Proud LTSP Developer
ltsp@symbio-technologies.com

Support LTSP!  Buy your hardware at:

        www.DisklessWorkstations.com
        www.DisklessThinClients.com 
 
(use coupon code: LTSP5P for 5% off thin clients from DisklessThinClients.com)
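The first-argument whitelist check the thread converges on (OPTION 1 with the "take only the first word of LTSP_COMMAND" refinement), written out as an added example in POSIX sh. This is not ltsp-localappsd's own code: the function name localapps_allowed, the whitelist contents and the command lines fed to it are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example, not code from ltsp-localappsd: allow an LTSP_COMMAND only
# if its first word is exactly one of the absolute paths listed in
# LOCAL_APPS_WHITELIST. The function name localapps_allowed and the
# whitelist contents are assumptions for illustration.

# Would come from lts.conf in a real deployment; constructed here.
LOCAL_APPS_WHITELIST="/usr/bin/xterm /usr/bin/gcalctool /usr/bin/gimp"

# Shell metacharacters that must never reach a shell via the command line.
meta='[;|&`$()<>]'
# A literal newline (a bare $(printf '\n') would be stripped to "").
nl=$(printf '\nx'); nl=${nl%x}

# localapps_allowed CMDLINE
# Exit status 0 if the first space-separated word of CMDLINE is one of the
# whitelisted absolute paths, 1 otherwise.
localapps_allowed() {
    cmdline=$1

    # Refuse metacharacters outright. Comparing only argv[0] is safe only
    # if the rest of the line can never be re-parsed by a shell:
    # "/usr/bin/xterm; rm -rf ~" has a whitelisted first word.
    case $cmdline in
        *$meta*|*"$nl"*) return 1 ;;
    esac

    # First word is the executable (the thread's "cut -d' ' -f1").
    exe=${cmdline%% *}

    # Require an absolute path: a bare "xterm" would match or not depending
    # on PATH, and "sudo /usr/bin/xterm" is rejected here too, which is the
    # helper-prefix caveat raised in the reply above.
    case $exe in
        /*) ;;
        *) return 1 ;;
    esac

    for allowed in $LOCAL_APPS_WHITELIST; do
        [ "$exe" = "$allowed" ] && return 0
    done
    return 1
}

# Demo over constructed command lines (not real ltsp-localapps traffic).
for c in "/usr/bin/xterm" \
         "/usr/bin/gimp /home/username/test.jpg" \
         "sudo /usr/bin/xterm" \
         "xterm" \
         "/usr/bin/xterm; rm -rf /home"; do
    if localapps_allowed "$c"; then
        echo "Executing $c"
    else
        echo "Rejecting $c"
    fi
done
```

Two limits of this approach are worth keeping in mind when choosing the whitelist. First, it is a plain string comparison, so /bin/xterm or a symlinked path will not match /usr/bin/xterm unless it is listed as well. Second, it says nothing about arguments: xterm -e runs whatever program follows it, so an argv[0] whitelist only locks a client down if the listed applications cannot themselves launch arbitrary commands, or if argument inspection is added (which is what OPTION 2's wrapper script would be for).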

