[KLUG Members] Drive Shield/Deep Freeze for Linux

[Adam Tauno Williams]

> >>>> >I think translucent filesystems will work for you.  Mount the parition read-only
> >>>> >and then mount a RAM disk over it?
> >>> Translucent filesystems?  I think I understand conceptually how that 
> >>> would work, but I've never heard of such a thing.  Can you explain how 
> >>> one would implement that?  What the heck would the /etc/fstab entries 
> >>> look like?
> >Haven't used one in ages;  I'll see if I get a chance to look it up.
> >I'm fairly certain they became standard in 2.6.
> >Translucency is basically a read-write media mounted over a read-only
> >one.  So long as the object doesn't exist on the rw media you see the
> >object on the ro media.  If open the object read-write it is
> >transparently copied to the rw media and then operation suceeds.
> Hmmm,  presentation topic?

Possibly, but a short one.

> >>> Two problems with that (at least before we have to take this over to 
> >>> advocacy):  1) In most cases you CAN install stuff on a Windows box 
> >>> without being an administrator, 
> >Only if the local admin hasn't bother to configure a policy (it isn't
> >hard).  I have lots of 2000/XP boxes and the user can't so much as
> >install a browser plugin.
> Guess I need to brush up on my AD (which I needed to anyway, but getting 
> caught being wrong makes it a little more likely I'll actually do it.)  
> Seems like it should be the default, though, not something you have to 
> add.  And in Linux you can lock down a non-networked workstation.  GPO's 
> require an AD server.

You don't need AD to do policies.  NT supported policies, and they can
even be setup on a local machine.  We use NT4 policies from a Samba 3.x
LDAPSAM PDC.   It *IS* possible to do GPO's from a Samba 3.x PDC
apparently (I'm told from a very reliable source) but the process hasn't
been documented yet.  Just grab a copy of poledit.exe and the adm files
of the web or your NT CD and you can setup policies point-an-click.

> The game that comes to mind is Age of Mythology, written by Ensemble 
> Studios, a subsidiary of Microsoft themselves!  It's quite recent, but I 
> don't know for sure if it has the 2000/XP sticker or not.

One shouldn't take "subsidiary" to mean anything more than 'owned by'.
Subsidiary-ness is merely a financial/legal status;  it doesn't
neccesarily have any impact at all on day-to-day operations or access to
information (trust me).

I haven't played a video game in a very long time (possibly years) so I
can't help you much there.

> >BUT THERE IS NO EXCUSE FOR NOT BITCHIN' TO THE DEVELOPERS ABOUT SOFTWARE
> >THAT ****IS**** INCORRECTLY IMPLEMENTED.  I believe in writing one's
> >congressman frequently and even more frequent verbal lashing of
> >proprietary software developers.  Both actually work (I've had a federal
> >congressman call me on my cell phone, and I've had patches suddenly
> >appear that fix the @#**(@#*(@# run-as-administrator ***BUG***).
> Impressive!  I wonder if an average Joe who doesn't have the muscle of a 
> company behind him would get the same response.

People habitually underestimate their influence; in a pasture full of
sheep even the smallest goat can push its way to the top of the hill
(How do you think such a tiny religious fringe exerts so much political
power?  [ for better or worse is beside the point ]  It is simple.  They
read Luke 18:1-8.  It pays to be really annoying.)