A Pluckeye Forum

A place for Pluckeye users to chew the cud.

You are not logged in.

#1 2019-07-13 15:18:15

orin
Member
Registered: 2019-07-13
Posts: 10

Can I limiting user account access to Pluckeye on Linux?

is there anyway to limit entries only by the admin or root user account? like let says you implement a whitelist and you have time 2 second but you want to make sure that only X user is able to add a new setting or putting a password on it?

thanks

Offline

#2 2019-07-13 17:14:11

jon
Administrator
Registered: 2017-01-10
Posts: 184

Re: Can I limiting user account access to Pluckeye on Linux?

Offline

#3 2019-07-13 17:20:39

jon
Administrator
Registered: 2017-01-10
Posts: 184

Re: Can I limiting user account access to Pluckeye on Linux?

I think you have a few options in approaching a multiple-user situation.

Can you limit pluck commands to a single user?  Not easily.  But you can enable https://www.pluckeye.net/multiuser.html , which gives different users different settings.

If you want a parental-control-like set up, you could simply use a high delay with a parent who has expedite powers.  But I don't know if that's what you want: namely, the end-user requesting changes and somebody else approving them, or whether you want somebody outside the computer user to control settings completely.

If you explain what you want in terms of real or fictitious people (e.g., "Mom wants to monitor Bobby's access.  Mom never uses Bobby's laptop, ...), it would be easier to answer your question.

Offline

#4 2019-07-13 20:01:53

orin
Member
Registered: 2019-07-13
Posts: 10

Re: Can I limiting user account access to Pluckeye on Linux?

I searched the forum. I want to make pluckeye into like a reference monitor where I am the Subject and websites the object. I, as the subject, should not be able to change my rules. Is it possible to have for instance "a mother" to make Bobby not be able to change the rules (limit his privileges). Here is another way to put the question, can you change the configuration where you have to enter a password to be able to add/remove site to Pluckeye?

What is your definition of a high delay? Because it seems the limit is only 7 days. The context of the question is using pluckeye as parental controls but I would like to either remove Bobbys permissions/rights so he cannot change the settings or set pluckeye up where he would have to enter a password to allow sites (ie change the configuration of pluckeye).

Is it doable yes or no? If not, please point me to the right direction.

Offline

#5 2019-07-13 21:20:19

jon
Administrator
Registered: 2017-01-10
Posts: 184

Re: Can I limiting user account access to Pluckeye on Linux?

orin wrote:

I searched the forum.

https://forum.pluckeye.net/viewtopic.php?id=2 was intended to get you to use this format:

    1. System: Windows, Mac OS X, or Linux (<- change this)
    2. Pluckeye version: 0.50.3 (<- change this)
    3. Browsers: Chrome (<- change this)

In particular, what operating system are you using?

Offline

#6 2019-07-13 21:30:56

jon
Administrator
Registered: 2017-01-10
Posts: 184

Re: Can I limiting user account access to Pluckeye on Linux?

orin wrote:

I ... should not be able to change my rules. . .  The context of the question is using pluckeye as parental controls but I would like to either remove Bobbys permissions/rights so he cannot change the settings or set pluckeye up where he would have to enter a password to allow sites (ie change the configuration of pluckeye).

I'm unclear on whether you have a son "Bobby", or if you are referring to yourself as Bobby.

I don't know what you mean by "reference monitor".

No, there is no native password protection, but you can kinda simulate it using https://u.pluckeye.net/ , a helper, and a high delay.  In addition, you might have similar "lockdown" options depending on the operating system you are using.

The builtin limit for delays is 7 days, yes.  Every so often I'm asked to raise that limit.  To which I always reply: try it first, and if you in practice find that 7 days is too short, please do let me know.  Thus far, the response, if any, is eventually, "Actually, 7 days is enough; I understand now."

If this is truly a parental control situation, where there is a parent and a child, then there are ways to prevent the child from changing settings, even given the 7 day delay.  But if this is a self-control situation, then please try using Pluckeye in practice before deciding 7 days isn't high enough.

The assumption with Pluckeye is that the end-user wants to change.

Offline

#7 2019-07-13 23:47:45

orin
Member
Registered: 2019-07-13
Posts: 10

Re: Can I limiting user account access to Pluckeye on Linux?

Reference monitor is a concept of the security kernel --- you know access control? Very important to technologies more closely associated with Authorization step of Identification, Authentication, Authorization, Accounting and Auditing, Okay, Is Pluckeye more similar to a transparent proxy/web proxy or firewall. I wanted to come here first before having to spend the extra time of making my own proxy or spend time making a script and using crontab for every 7 days. Thanks for your help.

Offline

#8 2019-07-14 01:09:27

RNYC
Moderator
Registered: 2017-01-14
Posts: 188

Re: Can I limiting user account access to Pluckeye on Linux?

I needed a quick whitelist for a student borrowing a school computer. Since the student was young and the family was not technically capable (recent immigrants and did not know English), Pluckeye worked in that instance. I made a 24 hour delay and had a script that re-imported the whitelist and set the delay each time the computer was turned on and at a set time each evening. Having a password like you describe would have made the whitelist super easy but the intended audience for Pluckeye is people who want self-help.

When I had more time later, I limited the computer to Firefox and used two extensions. One provided the whitelist and the other locked the settings.

I think the short answer to your question is that any user can change a Pluckeye rule...but obviously will have to wait one delay for it to take effect. But I agree with Jon that your use-case is a little bit unclear.

Offline

#9 2019-07-14 17:04:13

orin
Member
Registered: 2019-07-13
Posts: 10

Re: Can I limiting user account access to Pluckeye on Linux?

Hey, Thanks RNYC; that is what I will have to do then just making a script. I think you guys are only viewing this situation for your perspective and not putting your self in other situations. Self-help is not limited to just time-based solution and to say putting a password on a black list or whitelist is not self-help -- that is ridiculous. For example, a hospital has many people (not all the same) some car accidents the people have to stay in critical care until they are able to return home and other people involved in a car accident just go in for a check up and return home. They are both involved in a car accident some need extra help and others are able to go home. Could it be possibly you just don't want to understand the problem? I am not considered worth your time or here is a person who may not be as smart as you guys or able to write a proper use case or take what I am thinking and articulate in the right way. I need to work on it yes, but I feel like you guys should have some more understanding.

Last edited by orin (2019-07-14 17:05:22)

Offline

#10 2019-07-14 21:56:18

RNYC
Moderator
Registered: 2017-01-14
Posts: 188

Re: Can I limiting user account access to Pluckeye on Linux?

Actually, I would have loved to use Pluckeye school wide when I was there. A teacher could have had certain allow lists pre-set that classroom computers would import from a server and put into action right away because of certain administrative rights. This would have let me set up computers for research projects much easier than the full proxy system I had set up on a separate server. And as a parent, there were times I wished I could lock Pluckeye's settings beyond the delay to use as a filter for my children.

But I have been a volunteer for Jon long enough to know that as a one-person software developer he has to focus on the core product capabilities. With the way browsers keep updating, a lot of his time is involved in creating patches just to keep the core capabilities working.

So I actually agree with you. Having the ability to lock Pluckeye's settings with a password is something I would have been able to (and actually still would) use. But there are only so many hours in a day to work on things that are helpful.

I suggest that you head over to https://pluckeye.uservoice.com and formally suggest your idea of a password that blocks setting changes there. Maybe it would be easy to implement and therefore a candidate for implementation.

Offline

Board footer

Powered by FluxBB