Is there a way to setup a white list for some of the users on a machine?
It would be a list of URLs allowed to be accessed by children. Adult accounts would not use the white list.
Thanks!
The only way I can see but I haven’t got a clue how you would do it on a per user basis is perhaps opendns. OpenDNS | Providing A Safer And Faster Internet
Now what I noticed is it will apply different policies accordingly to network… Web Content Filtering with OpenDNS | Linux Journal
OpenDNS > Solutions > K-12 School > Web Content Filtering
Now if the adults always use xxx.xxx.xxx.xxx then it works but if both use the same I wouldn’t even know where to begin or how you would/could implement it. Guessing something psuedo like
if $USER in GROUP then ifconfig xxx.xxx.xxx.xxx
Still not sure this is whitelisting as such, and I guess like you I struggled to find a solution. The normal one is dansguardian but this is blacklisting.
This can be easily done in Windows. MS Internet Explorer has a content manager that can be configured with a dummy content rating site and then you add URLs that are also allowed. The result is that only those URLs from your list are allowed.
It is unfortunate as I would like to stop using Windows but more and more things are problem under Linux.
Is strange that it can’t be done as easily hopefully someone else may have some better ideas.
Having not used MS for a long time, so I’m not aware of those ways, but that seems to be by user tuned browser configs, wouldn’t even know where to begin.
I was looking for a link how to do it with MS Windows but couldn’t find it. Let me know if you need it and I will find it.
Found it!
WWW FAQs: How do I restrict access to Internet Explorer so that only certain sites can be visited?
This is as “easy” as it is ineffective (but to be fair, the article states this very clearly).
B2T:
You are looking for squid or (perhaps, not 100% sure if it can do this) privoxy.
Most modern routers also offer similar features and taking the software doing this job off the machine to be restricted is also the only good way to secure it against manipulations (running such code on the machine to be restricted is always prone to manipulation).
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Agreed. If you want to prevent somebody from going somewhere on a
computer you need to lock down the computer from outside itself and not
just one application or the computer itself. Popping in a CD/DVD to get
around this would be even easier than the “securing” of IE, and installing
any other web browser (Firefox, Opera, Chrome) would take approximately
one minute after the download was complete (assuming it wasn’t on some
other form of media). If you stick with windows just for this feature
you’re going to be disappointed when the kids still end up on a site that
is not an ideal destination for them. FeatherMonkey and Akoellh have some
other options that prevent the computer from either being able to resolve
those sites (OpenDNS on its own) or from being able to pull their contents
down after resolution (Squid), both of which would be significantly harder
to circumvent even with full access to the computer in question (assuming
they were implemented at the gateway or something like that).
Good luck.
Akoellh wrote:
> This is as “easy” as it is ineffective (but to be fair, the article
> states this very clearly).
>
> B2T:
>
> You are looking for squid or (perhaps, not 100% sure if it can do this)
> privoxy.
>
> Most modern routers also offer similar features and taking the software
> doing this job off the machine to be restricted is also the only good
> way to secure it against manipulations (running such code on the machine
> to be restricted is always prone to manipulation).
>
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iQIcBAEBAgAGBQJKBx09AAoJEF+XTK08PnB5/80QAM4B1R3KeQVXGIpJ3nXkVZ1u
edZTI3mvRYi9tTHIb0Di87kBOfgwtPlbMhfv+IVV+NE2JuLKQ6NJv0p3hK2HKPJo
LuJGq2HrDTKeYVMSVJOlXqSC5nQqxW24hLZwvHkDhKhbYNo8fUzlrCIBVv3oXkY+
hZ4FTJZsuNS4rCQU67trJ4ygqq3wE6JJMeyD6ohSMFY0LuYuw/m1Sc5YafKxXk0A
FCEivpiPpUqEM9SWvcJqhNuve0qJAbNjuxSggWcLMBNjeSg/tC5fIgrUHF1tSvGT
KYcQi4lXIii/c5fvbE9W5rYGK79Wctyve8yfZVUNkjDQ6xInn0cce8bcHgcis/G1
FHAaZ/9N8hl1nSr1WL9sQaF3gMyTIy8O/dwZz/tXqr4qHlV8N4CYA22jbXaIlBEl
8niqwN0JOt4vvh85GrndQfSM91g0/4yf/SbRrHfTE0Se0rhw1eDB2LgEDJCgUypz
AodxGNEH9T30lNXt9B1fbXkkzGo8eTW3Rry1koMLgeZiBWqbKJHPOrd+x4phXJLv
lr/Z8Yw8Lp8Z6PJFwXiGfbJnwaUtjCkIU5B9zxubDA51BW5Q6EgH0HepY2gf6XbM
ptD6lvSbjklAhUf3011SqHlIyyYZ92YOqvfaV8Y3TDEVOyxENX25v2x+L6VNUDUy
R79i0I8L1c5BaYYeCMnl
=+TyN
-----END PGP SIGNATURE-----
I am talking about really small kids here. It is so simple with Windows and so difficult with Linux which is quite disappointing. I hoped that it would be so easy for “network oriented” OS.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Add one of the dozen extensions that Google turned up for Firefox, but
still be prepared when they aren’t limited completely:
https://addons.mozilla.org/en-US/firefox/addon/4351
http://softwaregadgets.gridspace.net/2007/04/filterfox-free-content-filter-for-firefox-discovery/
Good luck.
ozvena wrote:
> I am talking about really small kids here. It is so simple with Windows
> and so difficult with Linux which is quite disappointing. I hoped that
> it would be so easy for “network oriented” OS.
>
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iQIcBAEBAgAGBQJKB4qqAAoJEF+XTK08PnB5mnkP/jD+GTaxOVjvQ/boyfTJOnEV
JS+88YLY6BhdeYvWhdqdHYfrMD14A7N7o7y4lE0sQXDBIwgM10Btwsr2Jbj8G8/q
/McKLfxQtXeZsr/K7zOkKry2d6QkKiRrpS4XZ+6MzJfjrJXbdbzIcuPK2CHD4zbA
wKFbtPmBaBq071F3qOx3tCBeRIxaxW5OMdQzrPmrHlIFHJlsEz7QncY0O15asMOn
8iREbMkNzfT/hBALmqkVPxR+qOjSrDJ4007nnCLzfCN1IRXgmThZe4oiqPF98k4y
eczE+8YK0/zBZmfA7BZ/GzG7l/IiTtGqaQQv+IM69RuI3KDdZtvC2ud1yaxW5S2P
nWAeaQpUDWbw6+b9sAFbJNwO4cOf2nbxadSdXjz1Wy/AhUy2V7DJ05s6WlqoXj9V
R/jibk+GpVJdQSjmh1Vtb5kBLtclreJJPE13zCKSMIo6AMvT4vIsdWwMPu/TT82C
U3rmoLw1n/HDRJLFeDn42P27GaOQdGFhUtFz3GNNu/57/fThVnH9jQyCx4FxqsDz
TqCk0EKxG6uMO/6daeIGifOY51MsbiLX4HfYMQcOcTtFmmY+rqcR8XaCZGfelOiG
ujwNDpZGDqYZYlIq6bCfgkbzhtRMLbJSt17q9/ezH/x/HvieorAzH7EZNY8DBwds
KCKSDJkJv3daqxaPCO2h
=1J8+
-----END PGP SIGNATURE-----
ozvena wrote:
> I am talking about really small kids here. It is so simple with Windows
> and so difficult with Linux which is quite disappointing. I hoped that
> it would be so easy for “network oriented” OS.
if all you want is something like IE has, then use Firefox and learn
how to set it up…start here:
http://support.mozilla.com/en-US/kb/parental+controls
the IE stuff is EASY to work around (any horny 13 year old boy and
prove THAT to you)…the folks trying to help you here were trying to
lead you to a REAL block…
Firefox has more, and better controls than does IE…simply…
–
somebody_else
ozvena adjusted his/her AFDB on Monday 11 May 2009 02:26 to write:
>
> I am talking about really small kids here. It is so simple with Windows
> and so difficult with Linux which is quite disappointing. I hoped that
> it would be so easy for “network oriented” OS.
>
>
Umm, maybe I am not reading this right but if the children ( bless `em )
are logged into their own account on the box surely you can just open
firefox configured up to only allow certain sites?
so adults have their own account with their own settings.
You can then if needed lock down the kids account to not allow them to alter
any of the config files and not be able to execute any binaries you do not
want them to.
Why has no-one thought of this before it would just be like a Cyber Cafe
they could call it something like um… kiosk Oh.
Yast>software management>search>Kiosk
HTH
–
Mark
Nullus in verba
Nil illigitimi carborundum