I would just use iptables to do the redirect of all port 80 traffic and
remove the configuration from Firefox all together. This will redirect all
port 80 traffic through DansGuardian so no one can by pass the content
filter no matter what browser may be used. That is how I have done it.

David

-----Original Message-----
From: plug-discuss-bounces@lists.plug.phoenix.az.us
[mailto:plug-discuss-bounces@lists.plug.phoenix.az.us]On Behalf Of
George Toft
Sent: Sunday, January 21, 2007 4:42 PM
To: PLUG Discuss
Subject: Firefox configuration management


I need to set up a Linux workstation (Computers for Families project)
that filters content.  The workstation is an edubuntu install.  Users
have a generic login, separate from the admin, and the root account is
locked.  I added Squid and DansGuardian, which works perfectly once the
Firefox connection settings are set to 127.0.0.1:8080.  Problem is that
any user can override this setting in their local profile.

Is there an elegan way to prevent a user from changing this setting and
surfing the sites of ill repute?

Kluge/Hackjob method 1:
I guess I could implement a cronjob that checks to see if firefox has
any established port 80 connections, then kills it.  Pretty Draconian,
but it will get the point across.  Make pref.js read-only for the user
which restores the proxy settings.  Pretty inconvenient for the user :(


Thoughts?

--
George Toft, CISSP, MSIS
623-203-1760


---------------------------------------------------
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change  you mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss

---------------------------------------------------
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change  you mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss