1 |
On 03/20/2013 07:04 AM, Neil Bothwick wrote: |
2 |
> I'm looking for software that can be used to control a child's usage of |
3 |
> the computer (not Internet filtering). At the very least it should be |
4 |
> able to control length of login sessions and when the child is able to |
5 |
> login. Ideally it would also be able to control access to programs, for |
6 |
> example education programs can be used for a couple of hours but games |
7 |
> for only 30 mins at a time (net control software can be used to deal with |
8 |
> online versions). There are other situations where this sort of thing is |
9 |
> useful, so it need not necessarily be a package aimed specifically at |
10 |
> parental controls. |
11 |
> |
12 |
> Timekpr looks the ideal candidate, except it hasn't had a release in |
13 |
> over three years. |
14 |
> |
15 |
> Any suggestions? |
16 |
|
17 |
I've been studying Kerberos a great deal lately, and so that's naturally |
18 |
where my mind went when I read this. Take the practicality of the idea |
19 |
with a grain of salt. I also make no claims to know exactly how to |
20 |
implement this for programs not already inherently kerberized. |
21 |
|
22 |
You might use Kerberos to enforce access limits by associating services |
23 |
with each thing you wish to control, giving the auth tickets a short |
24 |
rollover period, and refusing to regrant after a ticket has been rolled |
25 |
over enough times in one day. |
26 |
|
27 |
That easily covers the question of "when the child is able to log in", |
28 |
and could also work for "enforce the length of login sessions" if you're |
29 |
able to use a thin client model, or put the user's profile on a |
30 |
kerberized samba or nfs server. I don't know what mechanisms are |
31 |
available to force clean shutdowns of user sessions, though; anything I |
32 |
can think of risks data loss if apps haven't committed all open data to |
33 |
storage yet. |