[schooltool-dev] Configuration issues for schools

Tim Holy tim.holy at gmail.com
Sat Feb 7 22:37:22 UTC 2009

Tom (and everyone else),

I should add one point: there might be at least one problem which could be
solved by a realtime client-server interaction, having to do with
permissions. I'm not sure it's a sufficiently important use case to justify
a lot of extra complexity, but it might be, so I should throw it out there.

Suppose the 4th graders in Mrs Smith's class are playing tuxmath, and Jill
gets a new high score. This needs to be written somewhere that is
class-wide. In the design I proposed, that would be written to a directory
"above" Jill's home directory, e.g., in the classroom (teacher's) directory.
So she needs to have write-permission there.

But, we'd rather not have Peter opening up a text editor, navigating to the
class's directory, and changing the daily lessons or giving himself the high
score of the day. But, in theory he could do that if all the kids have write
permission for that directory.

One solution would be to grant read-only permission to the students for the
class directory. (They need read permission so tuxmath can read config files
placed there.) For things like high scores, then, tuxmath would have to pass
its data to some type of server that does have write permission for that

The reason that I say this might not be worth addressing is that we're
dealing with kids, and for TuxMath these tend to be fairly young kids. I
doubt that figuring this out will be a common occurence.

On the other hand, security problems have a tendency to come back to haunt
you. So I think this problem is worth thinking over carefully.

One halfway solution would be to have each student's high scores in their
own directory. When it comes time to display the scores, tuxmath could read
each student's directory and sort the scores. This still doesn't prevent
students from messing with the system using a text editor (they could edit
data in their own directory or in any other student's, assuming the school
is not using real user accounts). But, it does prevent more destructive
mayhem, because the teacher directories could be made read-only.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/edubuntu-devel/attachments/20090207/2c3a1954/attachment.html>

More information about the edubuntu-devel mailing list