Mac OS X- Telnet Exploit

M

MCS117

Joined
Jan 28, 2006
Messages
4
Reaction score
1
Hi. I am a tech aide in my school. We recently discovered that people with low privileges can open telnet using 'telnet:' or 'ssh:' on the browsers and use the 'open [filename]' command to open programs that are restricted to them. We thought we can delete the telnet/console applications but realized that people can use a copy from their flash drives/cd/any other removable storage. How can we disable the browser command to open the telnet or prevent them from opening the application?
 
R

Ric

Joined
May 14, 2004
Messages
4,260
Reaction score
5
Hi there and welcome !

Not sure about locking down the browser, I'll have to think about that.

It's fairly easy to 'stop' the students accessing the USB port, CD drive etc, is this an option for you ? Or do they need access to the USB port for the flash drives to copy there work ?

regards

Ric
 
M

MCS117

Joined
Jan 28, 2006
Messages
4
Reaction score
1
I just want to lock out the mac commands for the 'telnet:' cmd to not work. And we do need usbports/cd drives for the students to save their work. But if we can't, then we will soon lockout the usb/cds.
 
R

Ric

Joined
May 14, 2004
Messages
4,260
Reaction score
5
Hi there,

are these Macs "managed" via a OS X server, if they are you can stop them from using any Apps on local volumes...other than those you specify !

regards

Ric
 
R

Ric

Joined
May 14, 2004
Messages
4,260
Reaction score
5
Hi there,

what version of OS X Server are you running ?

Do you mange your users via the server ? If so then...

In Tiger (10.4 Server Software) you can limit the users at to what Applications can run, even those that are on remote volumes...you can also allow programs to run, but not allow program 'x' (ie Safari) to launch another program 'y' (ie Terminal).

How have you got the server set up ?

regards

Ric
 
M

MCS117

Joined
Jan 28, 2006
Messages
4
Reaction score
1
I think we got tiger. He was also planning to do this also. But we need to wait to set up the coding and registering all the kids to the server.
 
R

Ric

Joined
May 14, 2004
Messages
4,260
Reaction score
5
Hi there,

If you have the Tiger Server, then I would start reading all the PDF's (manuals) that are on the Install disks...

...there's quite a lot to understand, but it will definately be worth it !

If you set up Tiger server it will make running your network and managing the students so much easier !

You have a lot of control and can do things 'globally' to all Mac's !

It's definately the way to go.

regards

Ric
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

bought Used MacBook but locked 7
Connect firewire external drive to 2017 iMac with thunderbolt ports 2
New Mac yesterday but... 1
Best browser for iMac 3
iMac as oscilloscope? 1
Simple additions in Mac Numbers 13
Newbie ?s: does my iMac need an Anti-Virus program? to protect against the new bad stuff? 1
How to "Un-paire" one Mac to another Mac 1

Top