Even if Chrome does work OK, I have no plans to roll it out to a network. By all means give it a goMaybe .......... you can post results when and if you get a chance to
I've only tested it on XP at the moment. This is what all my sites use.Do you have it running on any TS\Citrix boxes?
So I take it we can just install this, make the necessary changes, then just package it up again?Originally Posted by Michael
Michael. Out of interest, have you solved the problem where users can browse drives in Firefox e.g. by typing C:\ in the address bar and access about:config? The solution discussed here doesn't work for me. I created a package almost exactly like yours several months ago, but this issue has prevented me deploying it onto the school computers so far.
Last edited by Arthur; 4th October 2009 at 03:17 AM.
@Arthur - If you type about:config into the address bar, you cannot change any of the settings I've set, such as proxy settings or homepage. These settings are locked by the custom mozilla.cfg file I created.
If you download the Proxy Free version from my website you can try/see this for yourself.
Yes that's correct, then use FFDeploy to repackage it with your changes. Alternatively I don't mind making some variations if there's enough demandSo I take it we can just install this, make the necessary changes, then just package it up again?
I did try your package shortly after I posted, but surely if students have access to about:config there's still a lot of other stuff they can mess about with even with the prefs you have locked (which is why I was looking to block access to about:config entirely - not to mention file-system browsing too).
A couple of other things I noticed with your Firefox package is that 'xpinstall.enabled' is set to true which enables anyone to install add-ons. Is this not a really bad idea, not only for security and consistency reasons but also the fact that students could really screw Firefox up? Secondly, if the users have roaming profiles the browser cache will be stored on the network which will not be very good for performance reasons. Mozilla recommend changing the location of the cache to a faster local hard drive via the browser.cache.disk.parent_directory preference.
Does it really matter if students change the settings? Whats the worst that will happen? they get to 'read only' some system files.....I did try your package shortly after I posted, but surely if students have access to about:config there's still a lot of other stuff they can mess about with even with the prefs you have locked (which is why I was looking to block access to about:config entirely - not to mention file-system browsing too).
Are you sure this isn't taking things a bit too extreme in terms of locking down? If the network is too insecure to allow students to change proxy settigns and browse the filesystem, locking FF is closing the stable door after the horse has bolted - plus it will make further updates a pita.
As long as none of FF settings are saved (use a read only manadatory profile for default settings), make sure students cannot write to the c:\program files\firefox so they cannot screw with the installation with all sorts of addons, I don't really see the problem.
I can see your point, but considering that most schools lock down Internet Explorer really well via GPOs it would be nice to do the same with Firefox too. Given the chance, the students at my school would love to mess around with the settings just because they can. Locking it down completely also enables you to create a [ame="http://en.wikipedia.org/wiki/Standard_Operating_Environment"]SOE[/ame] which is a good idea if you are implementing FITS or ITIL processes.
Sure, the files will be read only, but the problem with file-system browsing is that students could copy applications and other files they don't normally have access to onto their memory sticks. Once they are on there there is not much you can do about it. What would happen if a student did this, took the applications and/or license files home and then shared them on a P2P program for example? That would definitely not be good for the school especially if the company that makes the software found out.
@Arthur
I just think that sometimes we (me included) spend ages trying to fix something that isn't such a big deal in the first place - only to find x months later to go through the whole process for every upgrade.
Sometimes it's ok to give the students flexibility to explore computers, it doesn't make the computers any less standard if they can't make permanent changes.
Is there a demand for p2p educational apps? I'm shocked.
If you'd like to hide/remove about:config do the following:
Navigate to C:\Program Files\Mozilla Firefox\chrome
Rename toolkit.jar to toolkit.zip, then navigate to, content > global and delete config.xul
Now rename toolkit.zip back to toolkit.jar then try running about:config. You should receive an error message.
Arthur (4th October 2009)
Locking down the browser to prevent changes also saves us time in the long run so we don't have to fix things that they inadvertently break through their tweaking.
Understood, but if all changes revert to the default settings when the browser reloads (through the read only mandatory profile) and no addons can be installed (again permissions) then I don't see what would break through tweaking.
I'm not trying to bitch at your efforts, as we've been through it as well.We spent quite a lot of time locking firefox for citrix (my colleague did all the hard work) IIRC the way to disable c:\ was to redirect file:// to about:blank. I'm now thinking that we went a bit OTT with it, upgrades are a pita - and TBH if we wanted a fast but limited browser we should have just installed Chrome.
OK I'm up to V5 on the FF Beta. I've uploaded them for download and I've made additional tweaks
I'm upto V7 which I have installed today on a network running XP SP3 clients and so far so good. The speed boost is very noticeable
I have found a bug with FF 3.5.3 with regards to the British Dictionary. Other FF users on the web have reported the same issue. The Add-on always fails unless you update it, so by default I have disabled Spell Checking
The second problem I have noticed is when attempting to view secure websites using FF and BGFL's proxies. It just doesn't load, yet they do in IE8. As soon as I switch off proxy settings, websites like Yahoo Mail, Gmail and Paypal (which are all secure), all work absolutely fine. It does look like a proxy issue to me.
There are currently 1 users browsing this thread. (0 members and 1 guests)
Posting Permissions
LinkBack URL
About LinkBacks