On Thu, 2004-12-30 at 10:58, RobC wrote:
> I am not using RDP or Citrix, only Linux and XDMCP. My thinstation clients
> don't use a local window manager, they automatically start X and display the XDM
> login screen provided by the server.
The local devices are available to your local X session, but I am
guessing you ONLY allow access to a remote X session on a server via
xnest. You then want the application running on the server to access the
I don't think that we have anything in TS for this yet (I'm not sure how
ndb works). NFS is for accessing server file shares.
SAMBA will give you access, but by default the settings are for a
specific user defined in the build (obviously what you are trying to
avoid). You could try setting SAMBA_SECURITY=Domain, but again that
won't stop authenticated users accessing a device.
Sorry I haven't answered the question, but hopefully expanded the
> -- Previous Message --
> From: John A. Milburn <JohnAMilburn@......>
> Re: Secure (Limited) Access to Client-side Devices
> 2004-12-29 18:24
> It depends on whether you are using RDP or Citrix. If you are using Citrix,
> don"t use SAMBA. Citrix can connect the local devices and only the current
> session will see them.
> ----- Original Message -----
> From: "RobC" <supportNOSPAM@......>
> To: <thinstation-general@......>
> Sent: Wednesday, December 29, 2004 3:18 PM
> Subject: [Thinstation-general] Secure (Limited) Access to Client-side
> > Hello,
> > I have setup a network of Thinstation terminals, and I want to allow
> access to
> > the client-side device for server-based applications.
> > I have been able to get CD-ROM drive access working by editing the file
> > .../Thinstation-2.1/packages/samba-base/lib/smb.conf.tpl
> > and replacing
> > "public = $SAMBA_PUBLIC"
> > with
> > "public = yes"
> > for the $SAMBA_CDROM[cdrom] share, and recompiling Thinstation.
> > I imagine the $SAMBA_PUBLIC variable should be set in a config file
> > instead, but I haven"t found that yet.
> > MY QUESTION IS:
> > How can I securely allow each person access to their own client-side
> devices, so
> > that one person can not access the devices on another person"s client.
> This is
> > very important for me as people on the network will be using USB-sticks
> > sensitive data on them, and they must not be able to read/write each
> > devices.
> > The main reason I"m having trouble with this is because the Samba config
> > compiled into the image that is shared by all clients, so how can I have
> > individual configs to maintain security? I must be missing something, I
> am by
> > no means an expert in Samba.
> > If there is any pre-existing documentation to this, I haven"t found it so
> > refer me, otherwise, I will write some when I have the answers, and
> > it to the project.
> > Please CC me any replies, thank you!
> The SF.Net email is sponsored by: Beat the post-holiday blues
> Get a FREE limited edition SourceForge.net t-shirt from ThinkGeek.
> It's fun and FREE -- well, almost....http://www.thinkgeek.com/sfshirt
> Thinstation-general mailing list