using iMac as ThinClient

Posted:
in macOS edited January 2014
Hi,

first of all: i'm new to the Apple and Mac OS,



but i want to use the iMac (24') as a ThinClient. (Using ssh to tunnel X11 from Linux Servers in Xnest)



Now i want to secure the iMac, so that it will not be possible to copy from one Xnest to another, and getting any data from the iMac to somewhre else.



I also need to prevent the users from makeing screenshots or geting any information out of a Xnest-Session and mail/transfer them somewhere else.



What i've already done is installing Open Firmware, so it's not possible to boot a other OS,

enabling Parental Controls and only allowing the user to start X11 and some other apps.



Maybe there is already an application or Option in the System doing exactly what i want.?

It would be great if anybody could help me getting the iMac secure to use it as a ThinClient.



Thanks in advance.

Comments

  • Reply 1 of 4
    You could disable all the key combinations for screen shots in System Preferences --> Keyboard and Mouse --> Tab Shortcuts.



    I'm not sure, though, that you could disable copy, cut and paste system-wide.
  • Reply 2 of 4
    mr. memr. me Posts: 3,221member
    Without getting into particulars, MacOS X allows you to establish restricted user accounts with access to only those applications you want. Before getting in the business of establishing restricted accounts on your machines, you need to understand it better. You want user accounts which are actually useful. However, you don't want to leave open obvious holes which will allow users who know more than you do to communicate restricted data.
  • Reply 3 of 4
    You have told him what he wants to do; now tell him how to do it.
  • Reply 4 of 4
    X11 gives the user access to all the executables of a full fledged Unix System. Also, it is possible to launch applications that you have disable access to from the UI via the command line. That is one large security hole. These changes help if you are OS-X native client application. The Shell is never secure.
Sign In or Register to comment.