Security Basics mailing list archives
RE: Rights
From: "Jeffery Adam" <jadam () seark edu>
Date: Thu, 29 Jun 2006 16:28:01 -0500
Yes the user can install applications and use the application if the installation does not require a reboot. When the system is rebooted the application is completely gone, the same as if the system had been re-imaged If it is necessary for an application to be installed permanently someone from IT can temporary disable deepfreeze with a password to install the application. As I understand the explanation of how this product works Deepfreeze loads as a kernel module long before there is a desktop. the actual installed operating system and applications are never touched while the system is running frozen instead deepfreeze creates a virtual copy of the file in free space and alters that copy. After a reboot the virtual disk containing the changes is disregarded restoring the computer to a state before the user ever had access to the system. -----Original Message----- From: David Smith [mailto:nich95ds () gmail com] Sent: Thursday, June 29, 2006 2:55 PM To: security-basics () securityfocus com Subject: RE: Rights When you say "any action", does that include installing applications? If so, will the application be completely uninstalled upon reboot? -----Original Message----- From: Jeffery Adam [mailto:jadam () seark edu] Sent: Thursday, June 29, 2006 8:12 AM To: security-basics () securityfocus com Subject: RE: Rights I work at a 2 year college with roughly 600 computers. In almost all of our student labs we rename the local machine administrator account and use it as the standard student logon, giving the student and the instructor apparent full control of the system. We have instead protected the system with a third party application called deepfreeze http://www.faronics.com/html/deepfreeze.asp . This has drastically reduced the workload on the IT Department and is more conductive for learning than restricting the machine to the point where it is barley functional. The user can perform any action from creating machine accounts to changing desktop backgrounds. A simple reboot removes any changes the student made to the system. Each system has a "thaw space" that is sized appropriately for the lab so the instructor has a place to store project files. Some labs have a mapped network share that the instructor has access to modify for placing assignment files in. the standard student logon has read only access to the network share. Another application we previously used is fortress 101 http://www.fortresgrand.com/products/f101/f101.htm this worked well in computer labs and showed potential for use in staff offices, since adopting deepfreeze we have discontinued use of fortress 101 I still like the product. -----Original Message----- From: I Freecycle [mailto:i.freecycle.too () gmail com] Sent: Wednesday, June 28, 2006 12:02 PM To: security-basics () securityfocus com Subject: Rights Hello, I'm wondering how others deal with allowing users rights on work computers. At our school, users aren't normally given Administrator or Power User rights unless it's absolutely necessary. Occasionally we encounter employees and students that don't understand how easily a system can be messed up and the security issues involved nor why we feel it's necessary to operate like this. I would like to know what others do, and what policies they have in place to address these issues. Thanks, ------------------------------------------------------------------------ --- This list is sponsored by: Norwich University EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life. http://www.msia.norwich.edu/secfocus ------------------------------------------------------------------------ --- ------------------------------------------------------------------------ --- This list is sponsored by: Norwich University EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life. http://www.msia.norwich.edu/secfocus ------------------------------------------------------------------------ --- -- No virus found in this incoming message. Checked by AVG Free Edition. Version: 7.1.394 / Virus Database: 268.9.4/375 - Release Date: 6/25/2006 -- No virus found in this outgoing message. Checked by AVG Free Edition. Version: 7.1.394 / Virus Database: 268.9.4/375 - Release Date: 6/25/2006 ------------------------------------------------------------------------ --- This list is sponsored by: Norwich University EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life. http://www.msia.norwich.edu/secfocus ------------------------------------------------------------------------ --- --------------------------------------------------------------------------- This list is sponsored by: Norwich University EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life. http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------
Current thread:
- Rights I Freecycle (Jun 28)
- Re: Rights Saqib Ali (Jun 29)
- Re: Rights Dereck Martin (Jun 29)
- Re: Rights Philippe De Ryck (Jun 29)
- RE: Rights Jamie Wareham (Jun 29)
- RES: Rights Ricardo Perin (Jun 29)
- RE: Rights Lane, Jim (Jun 30)
- <Possible follow-ups>
- RE: Rights Jeffery Adam (Jun 29)
- RE: Rights David Smith (Jun 29)
- Re: Rights Dereck Martin (Jun 30)
- RE: Rights Jeffery Adam (Jun 30)