Ubuntu in the University: dangerous installed applications?

Michael V. De Palatis mvd at gatech.edu
Thu Oct 26 11:34:27 UTC 2006 

On Thu, Oct 26, 2006 at 11:59:45AM +0200, Francisco Borges wrote:
> : On Thu, Oct 26, 2006 at 01:00AM -0400, Daniel Allen wrote:
> 
> > Hi,
> >
> > We've deployed a set of Ubuntu servers to act as X11 servers in a university
> > setting for Computer Science students.
> 
> Glad to hear that!
> 
> > It's come up that... some of the packages that are installed by default
> > probably shouldn't be, both by policy and to reduce undergrads'
> > opportunities for mischief.  Right now we're looking at netcat and
> > bittorrent.  Suggestions for other mischief tools? (Yes, I know this could
> > be a loaded question based on definitions- we're not removing ssh or
> > firefox, obviously. I'd prefer keeping this discussion to specific packages
> > that are high or reasonably high risk for abuse by crafty students; from
> > these, we can select the minimal number to remove to reduce the greatest
> > amount of headache for us admins.  Thanks.)
> 
> I once worked as a sysadmin of a universitary student network.
> 
> I see your point, but as someone already pointed out, for as long as
> they can install/compile software themselves, the problem remains. Thus
> IMHO removing any package that already require mild skills to be used is
> counterproductive, since some students could be using them to learn.

I completely agree and was going to say something just like this. It's
not hard to download any source code for something not installed and
just install it in the $HOME prefix. Since this is hardly difficult, I
don't really see a reason why to make it hard for someone who is
trying to do something legitimate.

> 
> Right now out of the top of my head, I can only think about P2P software
> as stuff I would remove.

I would agree also to some degree. However, there are certainly
legitimate uses of P2P (such as downloading Ubuntu ISO images!). That
said, universities often don't want bandwidth to go out of control, so
it might be smarter to just limit individual users' bandwidth rather
than not installing potentially useful tools (I have *no* idea how to
do this, but I'm sure there is some way to do it, since they did it at
the University of Texas, my undergrad institution).

That said, unlike the above "mishief" tools that can be quickly
compiled and used, it might just be better to not have bit torrent
clients installed since the nuisance of having to download and compile
might be enough to discourage its use for illegal means. You could
even host a local mirror for Ubuntu ISOs if you want to encourage
people to be able to do download it themselves :)

> 
> (Sorry if you already know this) BTW, I would like to *humbly* suggest
> you to use slocate. Student's (particularly) love to spent time trying
> to find out things about their colleagues.

I am pretty sure by default locate is a symlink to slocate, so I don't
think anything needs to be done there.

-- 
Michael V. De Palatis
Georgia Institute of Technology
School of Physics
837 State Street
Atlanta, GA 30332-0430

mvd 'at' gatech [dot] edu
http://mike.depalatis.net

More information about the ubuntu-users mailing list