• Recent
  • Unsolved
  • Tags
  • Popular
  • Users
  • Groups
  • Search
  • Register
  • Login
  • Recent
  • Unsolved
  • Tags
  • Popular
  • Users
  • Groups
  • Search
  • Register
  • Login

Users Security Settings

Scheduled Pinned Locked Moved
General
3
5
1.3k
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • F
    FallingWax
    last edited by Oct 25, 2016, 1:41 PM

    I saw a post from a few years ago referencing security settings as feature request but there was not a lot of movement on that post. I have a large environment with a number of employees that are deploying images and occasionally capturing them. I am concerned about deleting images and users. Are there any settings to disallow those actions for certain users?

    1 Reply Last reply Reply Quote 0
    • G
      george1421 Moderator
      last edited by Oct 25, 2016, 1:58 PM

      The current security plugin (if it still exists) is very immature and not ready for a production environment. The current way FOG is designed (internally) is not geared towards security at all. You (as a fog user) are either a mobile deployment user or a fog admin. There are no levels of admins or controls of what certain admins can do. This is a bit unfortunate, but it is the current state of the system.

      While this is all vaperware right now FOG 2.0 will be built on a tight security model with multiple keys and locks to areas inside fog. But this product is several years off at this point. FOG 1.3.x will be the last in this development line using the LAMP foundation.

      With FOG 1.3.0 you can protect images to a certain point where the images can’t accidentally be overwritten. But as an admin you can purposely go in and remove the protection from an image then upload. So if you have an angry admin they can damage the fog system pretty quickly.

      Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG!

      1 Reply Last reply Reply Quote 1
      • W
        Wayne Workman
        last edited by Wayne Workman Oct 25, 2016, 11:29 AM Oct 25, 2016, 5:28 PM

        I think the security plugin was removed because it required php editing to work for people.

        We have 30ish people with very differing levels of experience and skill working in a very large distributed fog system. We have not suffered image loss or a massive screw up yet, it’s been about a year with this so far.

        Of course I had the exact same concerns you have. I stress to our techs that they have more responsibility in fog, and have to be more cautious and careful. I also tell them about the history table that cannot be seen from the web interface - yes it’s a real thing.

        Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG!
        Daily Clean Installation Results:
        https://fogtesting.fogproject.us/
        FOG Reporting:
        https://fog-external-reporting-results.fogproject.us/

        F 1 Reply Last reply Oct 25, 2016, 5:57 PM Reply Quote 0
        • F
          FallingWax @Wayne Workman
          last edited by Oct 25, 2016, 5:57 PM

          @Wayne-Workman do you enable user accounts for each employee for tracking purposes?

          W 1 Reply Last reply Oct 25, 2016, 7:20 PM Reply Quote 0
          • W
            Wayne Workman @FallingWax
            last edited by Oct 25, 2016, 7:20 PM

            @FallingWax yes. We have no generic accounts in fog. Everyone has their own account. This enables tracking in the history table however we have yet to need it.

            With a user account per person you also know who last imaged, who images were made by, who snapins were made by, and so on. Those items are in the web interface.

            Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG!
            Daily Clean Installation Results:
            https://fogtesting.fogproject.us/
            FOG Reporting:
            https://fog-external-reporting-results.fogproject.us/

            1 Reply Last reply Reply Quote 0
            • 1 / 1
            1 / 1
            • First post
              1/5
              Last post

            211

            Online

            12.0k

            Users

            17.3k

            Topics

            155.2k

            Posts
            Copyright © 2012-2024 FOG Project