[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Using squidguard blacklists in skolelinux(.de)

>> A better approach imho is to create a blacklist which is available
>> from the skolelinux.de site. It should just be a copy from the
>> teledanmark blacklist with possible postprocessing (e.g. removal of
>> sites that are known to be ok or adding of sites which are known to
>> not be ok).
> We should consider delivering the hash codes only - to evade potential 
> juristical consequences (INAL)

Could you explain please? Both legal issues and technical consequences?

>> Skolelinux installations would fetch the blacklist periodically
>> (which time intervals make sense?) and then there will be some
> like once a week? once a day? differences versus whole lists?

Whole lists - much easier to implement, less fragile in the long run -
bandwidth is cheap these days. Do you know how often the lists should be

>> postprocessing as well: teachers can add whitelist and blacklist
>> entries through the webmin interface.

I suggest this approach for starters: teachers can enter domains and each white-
or blacklisted domain blocks out the whole domain. Or is this too "thorough"?
Do you need to block specific URLs?

If you use regexes to block URLs/domains you inevitably have to explain those
to users. And you also have to prepare for "weird" and "unexpected" side

A simple solution as described by me is easy to explain. It is obviously
imperfect, but no URL-blocker is perfect.

> We should consider the definition of a set of black-/whitelists that can 
> be activated one by one. Blacklists you find on the web often are 
> ckassified into
> - adult 
> - violence
> - illegal

Yes, the default squidguard blacklist is a set of files which are
categorized. One could show the categories in the webmin interface and
teachers could select which ones to use and which ones not.

> We could add a group "chat" and "mail" to disallow such services for 
> special occasions. In praxis, teachers shouldn't tweak around with 
> singular selcetions, but select one of a a list of predefined profiles
> (allow everything / ban adult stuff / kids only / ...)

I prefer this approach to offering a fine-grained selection.

I'll play around a little bit - especially with webmin - and then report back
to this list.

-- Dirk

Reply to: