[gentoo-user] Deny flash to a specific user?

[gentoo-user] Deny flash to a specific user?

[Mark Knecht]

Is there a way to do this using normal system configuration methods?
Some group that controls access maybe?

Thanks,
Mark

Re: [gentoo-user] Deny flash to a specific user?

[Albert Hopkins]

On Tue, 2008-11-18 at 17:29 -0800, Mark Knecht wrote:
> Is there a way to do this using normal system configuration methods?
> Some group that controls access maybe?
> 
> Thanks,
> Mark
> 

Why do you want to do this? You could do something similar to:

        # groupadd flashusers
        # chgrp flashusers /opt/netscape/plugins/libflashplayer.so
        # chmod 0750 /opt/netscape/plugins/libflashplayer.so
        # gpasswd -a niceguy flashusers

However that doesn't prevent a user from installing their own version of
flash (mount -o remount,noexec /home might). But I don't understand why.
What is your justification for doing that?

-a

Re: [gentoo-user] Deny flash to a specific user?

[Stroller]

On 19 Nov 2008, at 04:06, Albert Hopkins wrote:
> ...
> Why do you want to do this? ... I don't understand why.
> What is your justification for doing that?

To prevent his kids from watching YouPorn.

Stroller.

Re: [gentoo-user] Deny flash to a specific user?

[Qian Qiao]

On Wed, Nov 19, 2008 at 09:54, Stroller <stroller@stellar.eclipse.co.uk> wrote:
>
> On 19 Nov 2008, at 04:06, Albert Hopkins wrote:
>>
>> ...
>> Why do you want to do this? ... I don't understand why.
>> What is your justification for doing that?
>
> To prevent his kids from watching YouPorn.
>
> Stroller.

In that case, isn't putting

127.0.0.1 ADDRESSES_TO_BE_BLOCKED

into /etc/hosts easier?

Or just set up a proxy.

Joe

-- 
There are 3 kinds of people in the world: those who can count, and
those who can't.

Re: [gentoo-user] Deny flash to a specific user?

[Michael Moore]

On 10:05 Wed 19 Nov     , Qian Qiao wrote:
> On Wed, Nov 19, 2008 at 09:54, Stroller <stroller@stellar.eclipse.co.uk> wrote:
> >
> > On 19 Nov 2008, at 04:06, Albert Hopkins wrote:
> >>
> >> ...
> >> Why do you want to do this? ... I don't understand why.
> >> What is your justification for doing that?
> >
> > To prevent his kids from watching YouPorn.
> >
> > Stroller.
> 
> In that case, isn't putting
> 
> 127.0.0.1 ADDRESSES_TO_BE_BLOCKED
> 
> into /etc/hosts easier?
> 
> Or just set up a proxy.
> 
> Joe
> 
> -- 
> There are 3 kinds of people in the world: those who can count, and
> those who can't.

No, perhaps not, considering the fact that there are so many sites with
pron. Maintaining such a massive hosts file is a disaster and worse still 
the solution is not fullproof. But then, FWIW such problems seldom have
foolproof solutions.

The idea of proxy is very valid(in particular the transparent proxy
implementation), mixed with mime-type handling could do the trick. What
complicates the situation slightly is that it is to be done for just one
user. I don't personally use proxy so not sure about the implementation
details. Perhaps somebody with the usage experience can provide a
detailed solution, once we are sure as to the reason for the question.

-- 

Regards,
Michael Moore <mikem.unet(at)gmail.com>
About *NIX: If its not fun, why do it?

Re: [gentoo-user] Deny flash to a specific user?

[Qian Qiao]

On Wed, Nov 19, 2008 at 15:07, Michael Moore <mikem.unet@gmail.com> wrote:
> On 10:05 Wed 19 Nov     , Qian Qiao wrote:
>> On Wed, Nov 19, 2008 at 09:54, Stroller <stroller@stellar.eclipse.co.uk> wrote:
>> >
>> > On 19 Nov 2008, at 04:06, Albert Hopkins wrote:
>> >>
>> >> ...
>> >> Why do you want to do this? ... I don't understand why.
>> >> What is your justification for doing that?
>> >
>> > To prevent his kids from watching YouPorn.
>> >
>> > Stroller.
>>
>> In that case, isn't putting
>>
>> 127.0.0.1 ADDRESSES_TO_BE_BLOCKED
>>
>> into /etc/hosts easier?
>>
>> Or just set up a proxy.
>>
>> Joe
>>
>> --
>> There are 3 kinds of people in the world: those who can count, and
>> those who can't.
>
> No, perhaps not, considering the fact that there are so many sites with
> pron. Maintaining such a massive hosts file is a disaster and worse still
> the solution is not fullproof. But then, FWIW such problems seldom have
> foolproof solutions.
>
> The idea of proxy is very valid(in particular the transparent proxy
> implementation), mixed with mime-type handling could do the trick. What
> complicates the situation slightly is that it is to be done for just one
> user. I don't personally use proxy so not sure about the implementation
> details. Perhaps somebody with the usage experience can provide a
> detailed solution, once we are sure as to the reason for the question.

I did a quick google for "linux parental control", turned out there
are a couple of solutions, each with their strengths and weaknesses
ofc.

If it's parental control that the OP is after, then he can have a look at them.

Then again, we are only guessing the OP's intention.

-- Joe

-- 
There are 3 kinds of people in the world: those who can count, and
those who can't.

Re: [gentoo-user] Deny flash to a specific user?

[Geralt]

Preventing flash does not prevent anybody of watching flash movies,
because you can download the flash movies using one of the many flash
downloader websites and then just play it with mplayer (for example).

On Wed, Nov 19, 2008 at 4:09 PM, Qian Qiao <qian.qiao@gmail.com> wrote:
> On Wed, Nov 19, 2008 at 15:07, Michael Moore <mikem.unet@gmail.com> wrote:
>> On 10:05 Wed 19 Nov     , Qian Qiao wrote:
>>> On Wed, Nov 19, 2008 at 09:54, Stroller <stroller@stellar.eclipse.co.uk> wrote:
>>> >
>>> > On 19 Nov 2008, at 04:06, Albert Hopkins wrote:
>>> >>
>>> >> ...
>>> >> Why do you want to do this? ... I don't understand why.
>>> >> What is your justification for doing that?
>>> >
>>> > To prevent his kids from watching YouPorn.
>>> >
>>> > Stroller.
>>>
>>> In that case, isn't putting
>>>
>>> 127.0.0.1 ADDRESSES_TO_BE_BLOCKED
>>>
>>> into /etc/hosts easier?
>>>
>>> Or just set up a proxy.
>>>
>>> Joe
>>>
>>> --
>>> There are 3 kinds of people in the world: those who can count, and
>>> those who can't.
>>
>> No, perhaps not, considering the fact that there are so many sites with
>> pron. Maintaining such a massive hosts file is a disaster and worse still
>> the solution is not fullproof. But then, FWIW such problems seldom have
>> foolproof solutions.
>>
>> The idea of proxy is very valid(in particular the transparent proxy
>> implementation), mixed with mime-type handling could do the trick. What
>> complicates the situation slightly is that it is to be done for just one
>> user. I don't personally use proxy so not sure about the implementation
>> details. Perhaps somebody with the usage experience can provide a
>> detailed solution, once we are sure as to the reason for the question.
>
> I did a quick google for "linux parental control", turned out there
> are a couple of solutions, each with their strengths and weaknesses
> ofc.
>
> If it's parental control that the OP is after, then he can have a look at them.
>
> Then again, we are only guessing the OP's intention.
>
> -- Joe
>
> --
> There are 3 kinds of people in the world: those who can count, and
> those who can't.
>
>

Re: [gentoo-user] Deny flash to a specific user?

[emailjp79]

Michael [19.Nov.2008 16:07]:

>On 10:05 Wed 19 Nov     , Qian Qiao wrote:
>...
>> In that case, isn't putting
>> 
>> 127.0.0.1 ADDRESSES_TO_BE_BLOCKED
>> 
>> into /etc/hosts easier?
>> 
>> Or just set up a proxy.
>
>No, perhaps not, considering the fact that there are so many sites with
>pron. Maintaining such a massive hosts file is a disaster and worse still 
>the solution is not fullproof. But then, FWIW such problems seldom have
>foolproof solutions.

Well, at least there is "mvps" [1] with a nice host-file, blocking
mostly ads, banners etc., which I use myself without much trouble.
While searching for a list of porn-sites to add to that list, I stumbled
upon BadHosts [2], which includes several hosts-files, one of them
entirely for porn-sites.

The sites listed there might get you started, but as noted by Qian Qiao
before, that list will never be complete or up-to-date. Besides, using
an anonymizer to reach one of those sites will get you there anyway. You
would have to block those, too.

My opinion: If children are to be "protected" from that kind of content,
seting up a public computer in a livingroom might be a better way (in
conjunction with a host-file maybe for those nasty ads). But as soon as
one starts blocking sites, the question will be where to stop.


JP

[1] http://www.mvps.org/winhelp2002/hosts.htm
[2] http://www.hostsfile.org/hosts.html

-- 
Time flies like the wind, but fruit flies like bananas.

Re: [gentoo-user] Deny flash to a specific user?

[Mark Knecht]

On Fri, Nov 21, 2008 at 8:22 AM,  <emailjp79@gmx.de> wrote:
> Michael [19.Nov.2008 16:07]:
>
>> On 10:05 Wed 19 Nov     , Qian Qiao wrote:
>> ...
>>>
>>> In that case, isn't putting
>>>
>>> 127.0.0.1 ADDRESSES_TO_BE_BLOCKED
>>>
>>> into /etc/hosts easier?
>>>
>>> Or just set up a proxy.
>>
>> No, perhaps not, considering the fact that there are so many sites with
>> pron. Maintaining such a massive hosts file is a disaster and worse still
>> the solution is not fullproof. But then, FWIW such problems seldom have
>> foolproof solutions.
>
> Well, at least there is "mvps" [1] with a nice host-file, blocking
> mostly ads, banners etc., which I use myself without much trouble.
> While searching for a list of porn-sites to add to that list, I stumbled
> upon BadHosts [2], which includes several hosts-files, one of them
> entirely for porn-sites.
>
> The sites listed there might get you started, but as noted by Qian Qiao
> before, that list will never be complete or up-to-date. Besides, using
> an anonymizer to reach one of those sites will get you there anyway. You
> would have to block those, too.
>
> My opinion: If children are to be "protected" from that kind of content,
> seting up a public computer in a livingroom might be a better way (in
> conjunction with a host-file maybe for those nasty ads). But as soon as
> one starts blocking sites, the question will be where to stop.
>
>
> JP

Thanks to all that have answered. I appreciate the responses greatly.

Indeed the question was based around what to do with a kid that's not
using his computer time appropriately. It has nothing to do with
'protecting' him via censoring or anything like that. It was more a
matter of should he be playing Flash games or playing online videos of
Star Craft games when he has homework to be doing. After thinking
about it the decision in the end was to do nothing technical. Nothing
technical is going to fix this problem other than him growing up a
bit.

Thanks again,
Mark

Re: [gentoo-user] Deny flash to a specific user?

[Chris Thomas]

Squid with squidguard or dansguardian should filter out most of the 'bad stuff'.

-Chris

On Fri, Nov 21, 2008 at 11:34 AM, Mark Knecht <markknecht@gmail.com> wrote:
> On Fri, Nov 21, 2008 at 8:22 AM,  <emailjp79@gmx.de> wrote:
>> Michael [19.Nov.2008 16:07]:
>>
>>> On 10:05 Wed 19 Nov     , Qian Qiao wrote:
>>> ...
>>>>
>>>> In that case, isn't putting
>>>>
>>>> 127.0.0.1 ADDRESSES_TO_BE_BLOCKED
>>>>
>>>> into /etc/hosts easier?
>>>>
>>>> Or just set up a proxy.
>>>
>>> No, perhaps not, considering the fact that there are so many sites with
>>> pron. Maintaining such a massive hosts file is a disaster and worse still
>>> the solution is not fullproof. But then, FWIW such problems seldom have
>>> foolproof solutions.
>>
>> Well, at least there is "mvps" [1] with a nice host-file, blocking
>> mostly ads, banners etc., which I use myself without much trouble.
>> While searching for a list of porn-sites to add to that list, I stumbled
>> upon BadHosts [2], which includes several hosts-files, one of them
>> entirely for porn-sites.
>>
>> The sites listed there might get you started, but as noted by Qian Qiao
>> before, that list will never be complete or up-to-date. Besides, using
>> an anonymizer to reach one of those sites will get you there anyway. You
>> would have to block those, too.
>>
>> My opinion: If children are to be "protected" from that kind of content,
>> seting up a public computer in a livingroom might be a better way (in
>> conjunction with a host-file maybe for those nasty ads). But as soon as
>> one starts blocking sites, the question will be where to stop.
>>
>>
>> JP
>
> Thanks to all that have answered. I appreciate the responses greatly.
>
> Indeed the question was based around what to do with a kid that's not
> using his computer time appropriately. It has nothing to do with
> 'protecting' him via censoring or anything like that. It was more a
> matter of should he be playing Flash games or playing online videos of
> Star Craft games when he has homework to be doing. After thinking
> about it the decision in the end was to do nothing technical. Nothing
> technical is going to fix this problem other than him growing up a
> bit.
>
> Thanks again,
> Mark
>
>

RE: [gentoo-user] Deny flash to a specific user?

[Brett Freer]

Hi Mark,

Why don't you try www.opendns.com?

Kind regards

Brett 

-----Original Message-----
From: Mark Knecht [mailto:markknecht@gmail.com] 
Sent: Saturday, 22 November 2008 3:35 AM
To: gentoo-user@lists.gentoo.org
Subject: Re: [gentoo-user] Deny flash to a specific user?

On Fri, Nov 21, 2008 at 8:22 AM,  <emailjp79@gmx.de> wrote:
> Michael [19.Nov.2008 16:07]:
>
>> On 10:05 Wed 19 Nov     , Qian Qiao wrote:
>> ...
>>>
>>> In that case, isn't putting
>>>
>>> 127.0.0.1 ADDRESSES_TO_BE_BLOCKED
>>>
>>> into /etc/hosts easier?
>>>
>>> Or just set up a proxy.
>>
>> No, perhaps not, considering the fact that there are so many sites 
>> with pron. Maintaining such a massive hosts file is a disaster and 
>> worse still the solution is not fullproof. But then, FWIW such 
>> problems seldom have foolproof solutions.
>
> Well, at least there is "mvps" [1] with a nice host-file, blocking 
> mostly ads, banners etc., which I use myself without much trouble.
> While searching for a list of porn-sites to add to that list, I 
> stumbled upon BadHosts [2], which includes several hosts-files, one of

> them entirely for porn-sites.
>
> The sites listed there might get you started, but as noted by Qian 
> Qiao before, that list will never be complete or up-to-date. Besides, 
> using an anonymizer to reach one of those sites will get you there 
> anyway. You would have to block those, too.
>
> My opinion: If children are to be "protected" from that kind of 
> content, seting up a public computer in a livingroom might be a better

> way (in conjunction with a host-file maybe for those nasty ads). But 
> as soon as one starts blocking sites, the question will be where to
stop.
>
>
> JP

Thanks to all that have answered. I appreciate the responses greatly.

Indeed the question was based around what to do with a kid that's not
using his computer time appropriately. It has nothing to do with
'protecting' him via censoring or anything like that. It was more a
matter of should he be playing Flash games or playing online videos of
Star Craft games when he has homework to be doing. After thinking about
it the decision in the end was to do nothing technical. Nothing
technical is going to fix this problem other than him growing up a bit.

Thanks again,
Mark

Re: [gentoo-user] Deny flash to a specific user?

[Mark Knecht]

Hey Brett,
   I already point my router at these guys. Is there something more I
could be doing?

   I've decided that for the most part this is probably a futile
undertaking. It turns out some of his online classes are using Flash
and certainly a lot of video media as port of how they teach. With
that in mind it's pretty difficult for me to block the technologies
themselves as a 'policy' decision. That leaves me with trying to block
web sites which turns me real-time policeman which I'm unwilling to do
so I've let him know that I'm watching how he uses the machines. It
hasn't worked in the past though...

Cheers,
Mark

On Sat, Nov 22, 2008 at 12:53 AM, Brett Freer <brett@rhapsody.com.au> wrote:
> Hi Mark,
>
> Why don't you try www.opendns.com?
>
> Kind regards
>
> Brett
>
> -----Original Message-----
> From: Mark Knecht [mailto:markknecht@gmail.com]
> Sent: Saturday, 22 November 2008 3:35 AM
> To: gentoo-user@lists.gentoo.org
> Subject: Re: [gentoo-user] Deny flash to a specific user?
>
> On Fri, Nov 21, 2008 at 8:22 AM,  <emailjp79@gmx.de> wrote:
>> Michael [19.Nov.2008 16:07]:
>>
>>> On 10:05 Wed 19 Nov     , Qian Qiao wrote:
>>> ...
>>>>
>>>> In that case, isn't putting
>>>>
>>>> 127.0.0.1 ADDRESSES_TO_BE_BLOCKED
>>>>
>>>> into /etc/hosts easier?
>>>>
>>>> Or just set up a proxy.
>>>
>>> No, perhaps not, considering the fact that there are so many sites
>>> with pron. Maintaining such a massive hosts file is a disaster and
>>> worse still the solution is not fullproof. But then, FWIW such
>>> problems seldom have foolproof solutions.
>>
>> Well, at least there is "mvps" [1] with a nice host-file, blocking
>> mostly ads, banners etc., which I use myself without much trouble.
>> While searching for a list of porn-sites to add to that list, I
>> stumbled upon BadHosts [2], which includes several hosts-files, one of
>
>> them entirely for porn-sites.
>>
>> The sites listed there might get you started, but as noted by Qian
>> Qiao before, that list will never be complete or up-to-date. Besides,
>> using an anonymizer to reach one of those sites will get you there
>> anyway. You would have to block those, too.
>>
>> My opinion: If children are to be "protected" from that kind of
>> content, seting up a public computer in a livingroom might be a better
>
>> way (in conjunction with a host-file maybe for those nasty ads). But
>> as soon as one starts blocking sites, the question will be where to
> stop.
>>
>>
>> JP
>
> Thanks to all that have answered. I appreciate the responses greatly.
>
> Indeed the question was based around what to do with a kid that's not
> using his computer time appropriately. It has nothing to do with
> 'protecting' him via censoring or anything like that. It was more a
> matter of should he be playing Flash games or playing online videos of
> Star Craft games when he has homework to be doing. After thinking about
> it the decision in the end was to do nothing technical. Nothing
> technical is going to fix this problem other than him growing up a bit.
>
> Thanks again,
> Mark
>
>
>

RE: [gentoo-user] Deny flash to a specific user?

[Brett Freer]

Hi Mark,

With www.opendns.com, you create an account, and choose your own rules.
I think they have around 50 categories to start with. You can then
extend it with your own personal white/black lists. You can't block the
flash technology, but you can have a lot of success blocking unwanted
website types.

Kind regards

Brett Freer

 

-----Original Message-----
From: Mark Knecht [mailto:markknecht@gmail.com] 
Sent: Sunday, 23 November 2008 12:31 AM
To: gentoo-user@lists.gentoo.org
Subject: Re: [gentoo-user] Deny flash to a specific user?

Hey Brett,
   I already point my router at these guys. Is there something more I
could be doing?

   I've decided that for the most part this is probably a futile
undertaking. It turns out some of his online classes are using Flash and
certainly a lot of video media as port of how they teach. With that in
mind it's pretty difficult for me to block the technologies themselves
as a 'policy' decision. That leaves me with trying to block web sites
which turns me real-time policeman which I'm unwilling to do so I've let
him know that I'm watching how he uses the machines. It hasn't worked in
the past though...

Cheers,
Mark

On Sat, Nov 22, 2008 at 12:53 AM, Brett Freer <brett@rhapsody.com.au>
wrote:
> Hi Mark,
>
> Why don't you try www.opendns.com?
>
> Kind regards
>
> Brett
>
> -----Original Message-----
> From: Mark Knecht [mailto:markknecht@gmail.com]
> Sent: Saturday, 22 November 2008 3:35 AM
> To: gentoo-user@lists.gentoo.org
> Subject: Re: [gentoo-user] Deny flash to a specific user?
>
> On Fri, Nov 21, 2008 at 8:22 AM,  <emailjp79@gmx.de> wrote:
>> Michael [19.Nov.2008 16:07]:
>>
>>> On 10:05 Wed 19 Nov     , Qian Qiao wrote:
>>> ...
>>>>
>>>> In that case, isn't putting
>>>>
>>>> 127.0.0.1 ADDRESSES_TO_BE_BLOCKED
>>>>
>>>> into /etc/hosts easier?
>>>>
>>>> Or just set up a proxy.
>>>
>>> No, perhaps not, considering the fact that there are so many sites 
>>> with pron. Maintaining such a massive hosts file is a disaster and 
>>> worse still the solution is not fullproof. But then, FWIW such 
>>> problems seldom have foolproof solutions.
>>
>> Well, at least there is "mvps" [1] with a nice host-file, blocking 
>> mostly ads, banners etc., which I use myself without much trouble.
>> While searching for a list of porn-sites to add to that list, I 
>> stumbled upon BadHosts [2], which includes several hosts-files, one 
>> of
>
>> them entirely for porn-sites.
>>
>> The sites listed there might get you started, but as noted by Qian 
>> Qiao before, that list will never be complete or up-to-date. Besides,

>> using an anonymizer to reach one of those sites will get you there 
>> anyway. You would have to block those, too.
>>
>> My opinion: If children are to be "protected" from that kind of 
>> content, seting up a public computer in a livingroom might be a 
>> better
>
>> way (in conjunction with a host-file maybe for those nasty ads). But 
>> as soon as one starts blocking sites, the question will be where to
> stop.
>>
>>
>> JP
>
> Thanks to all that have answered. I appreciate the responses greatly.
>
> Indeed the question was based around what to do with a kid that's not 
> using his computer time appropriately. It has nothing to do with 
> 'protecting' him via censoring or anything like that. It was more a 
> matter of should he be playing Flash games or playing online videos of

> Star Craft games when he has homework to be doing. After thinking 
> about it the decision in the end was to do nothing technical. Nothing 
> technical is going to fix this problem other than him growing up a
bit.
>
> Thanks again,
> Mark
>
>
>