[schooltool-dev] Configuration issues for schools

Mon Feb 9 13:00:03 UTC 2009

Hi again,

Tom has provided a lot of useful input on the issues we've been discussing
with regards to data management configuration for educational applications.
However, when I was on IRC there were 3 different people who independently
said some of these issues are being thought about. Now would be a great time
to share those thoughts :-).

Just to re-cap, here are the main issues as I see them:
1. Many elementary/primary schools don't run with real user accounts,
because little kids have a hard time with things like typing passwords. So
all students use the same password-less login, often with username
"student". Thus, educational applications needing to store per-kid data have
to come up with a standard way of doing that. Beyond starting each
application with a GUI that allows the kid to select him/herself from a
list, the main issues are how to store the data.
2. One proposal (that I advanced) is simply a directory tree, put in a
standard place, that could be used by all applications. In my version of the
implementation, these directories would have little or no security. (One
exception: if the school is using real user directories, we would of course
make use of those.)
3. Tom proposed LDAP or web services. I've always thought of LDAP mainly as
a method of easing sysadmin burdens by allowing the same passwords to be
used on any machine, but through reading this weekend I've begun to better
appreciate Tom's suggestion---if I understand correctly, we could use LDAP
or web services to manage access to particular directories that are
otherwise off-limits to more general applications. Is that correct? If so,
is the enhanced security worth any troubles in terms of installation or
management? I don't have personal experience with LDAP, but have heard a few
concerns voiced about its complexity. (For example, my lab's sysadmin spent
a week trying to switch our computers to logging in via LDAP, and reverted
to just setting up everyone's password on every machine.) Perhaps some of
the trouble is really a configuration issue, and we could smooth over that
by providing software that insulates the user from the technical details?
Would cross-platform (Mac, Windows, and even BeOS) be a problem?

Overall, how much of a problem is security? At the elementary school level,
I tend to think it may not be a big problem---the kids aren't very
technically savvy, and without individual password-protected user accounts
there is a limit as to how much one can really insure security. But others
might disagree, and in any event it's worth asking whether similar issues
arise at higher grade levels.

What advice do the rest of you (including Tom, of course) have to share?

--Tim
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/edubuntu-devel/attachments/20090209/6e7dde8e/attachment.html>