[TCLUG] apache 2.0.47 question

Thu Dec 18 10:25:56 CST 2003

No, I think the accountability factor in requiring a log-in/log-out is 
GREAT! Kids using computers NEED to be taught proper security 
procedures. I was truly amazed at my last job how many people would walk 
away from their PCs without locking them. With open screens to the 
mainframe TOO! My wife's company has recently enacted a mandatory 
"password protected" screen saver, with a timeout of 10 minutes. As most 
people know, this is an easy registry change for the desktop admin 
group, and I'm sure they keep track of people who change it and if it's 
changed too often, it's probably reported to the person's manager.

You must have misunderstood my statement. I was merely suggesting that 
at first you would get kids who would not log out properly, and then 
others would use their account for making trouble. And I'm sure they 
would cry and moan about any disciplinary action.  They would have to be 
disciplined the same as those making the actual trouble as their lack of 
security led to the problem. They may not like it, but the perhaps they 
would learn their lesson after the first disciplinary action.

Wm. D Radomski wrote:
> Todd
> Is there any empirical evidence that a requirement of accountability
> is either harmful or unfair?  A mandatory log-in/log-out would do well
>  to solve both the security/control issues and further the exposure of 
> the students to what will be expected of them in the post-educational
> (for most of us, the "real") world.  Non-compliance could be easily
> tracked, and would simply result in a metered limit of access.  Is this 
> simple bit of logic beyond our current state of educational politics?
> 
> (naively?)
> Bill
> 
> On Wed, 17 Dec 2003 10:55:06 -0600 Todd Young <auditodd at comcast.net>
> writes:
> 
>>I think people are missing the point.....
>>
>>This is a number of schools, with a network of "publicly" used 
>>computers, at least public in the sense that any number of students 
>>in 
>>the schools can access these computers. Unless the ".pl page" is 
>>accessible to the "outside" world, filtering by IP would not solve 
>>the 
>>problem. If the page is accessible from the outside world, then a 
>>filter 
>>to allow only IPs within the school system would be partially 
>>effective.
>>
>>I think the only way to solve the problem would be to implement a 
>>"log 
>>on" standard across all of the computers at all of the schools 
>>involved. 
>>Forcing the students to log on to use a computer would provide a two 
>>
>>fold solution. First, it would get them used to proper computer 
>>security 
>>in a shared-PC environment. Second, it would allow you to "track" 
>>mischievous behavior. This is not a perfect solution, but I don't 
>>think 
>>there is a perfect solution.
>>
>>There is a catch. If a student fails to properly log out of their 
>>session, someone could use that session to send the mischievous 
>>messages. Even if a student didn't send the message, but failed to 
>>properly log out, they could be reprimanded for not following proper 
>>
>>security standards.
>>
>>Once the message gets out that "you can be tracked down by your 
>>login", 
>>students will be less likely to cause problems, AND more aware of 
>>security measures that protect their "identity".
>>
>>Callum Lerwick wrote:
>>
>>>>I run a content filter at a number of schools. When a site is 
>>
>>banned the
>>
>>>>user gets a .pl page to fill out on my server explaining why they 
>>
>>think the
>>
>>>>site should not be blocked. I get an email of their comments each 
>>
>>time the
>>
>>>>form is submitted. Lately, some people with too much time on their 
>>
>>hands are
>>
>>>>bringing the page up from my web site and sending me some cute, 
>>
>>simple
>>
>>>>minded messages. Is there something I can add to httpd.conf that 
>>
>>will only
>>
>>>>allow the page to be pulled up if it is requested from a specific 
>>
>>IP or
>>
>>>>network?
>>>
>>>
>>>If its a script to begin with, the cleanest thing would probably 
>>
>>be to
>>
>>>just add some code to the script to ignore anyone coming from the 
>>
>>wrong
>>
>>>IP. Dunno how to do it in perl offhand, but the REMOTE_ADDR cgi 
>>
>>variable
>>
>>>should be what you want...
>>
>>-- 
>>Todd Young
>>7079 Dawn Ave. E.
>>Inver Grove Heights, MN 55076
>>
>>
>>_______________________________________________
>>TCLUG Mailing List - Minneapolis/St. Paul, Minnesota
>>http://www.mn-linux.org tclug-list at mn-linux.org
>>https://mailman.real-time.com/mailman/listinfo/tclug-list
>>
> 
> 
> 
> _______________________________________________
> TCLUG Mailing List - Minneapolis/St. Paul, Minnesota
> http://www.mn-linux.org tclug-list at mn-linux.org
> https://mailman.real-time.com/mailman/listinfo/tclug-list
> 

-- 
Todd Young
7079 Dawn Ave. E.
Inver Grove Heights, MN 55076

_______________________________________________
TCLUG Mailing List - Minneapolis/St. Paul, Minnesota
http://www.mn-linux.org tclug-list at mn-linux.org
https://mailman.real-time.com/mailman/listinfo/tclug-list