Re: Using squidguard blacklists in skolelinux(.de)
>> A better approach imho is to create a blacklist which is available
>> from the skolelinux.de site. It should just be a copy from the
>> teledanmark blacklist with possible postprocessing (e.g. removal of
>> sites that are known to be ok or adding of sites which are known to
>> not be ok).
>
> We should consider delivering the hash codes only - to evade potential
> juristical consequences (INAL)
Could you explain please? Both legal issues and technical consequences?
>> Skolelinux installations would fetch the blacklist periodically
>> (which time intervals make sense?) and then there will be some
>
> like once a week? once a day? differences versus whole lists?
Whole lists - much easier to implement, less fragile in the long run -
bandwidth is cheap these days. Do you know how often the lists should be
fetched?
>> postprocessing as well: teachers can add whitelist and blacklist
>> entries through the webmin interface.
I suggest this approach for starters: teachers can enter domains and each white-
or blacklisted domain blocks out the whole domain. Or is this too "thorough"?
Do you need to block specific URLs?
If you use regexes to block URLs/domains you inevitably have to explain those
to users. And you also have to prepare for "weird" and "unexpected" side
effects.
A simple solution as described by me is easy to explain. It is obviously
imperfect, but no URL-blocker is perfect.
> We should consider the definition of a set of black-/whitelists that can
> be activated one by one. Blacklists you find on the web often are
> ckassified into
> - adult
> - violence
> - illegal
Yes, the default squidguard blacklist is a set of files which are
categorized. One could show the categories in the webmin interface and
teachers could select which ones to use and which ones not.
> We could add a group "chat" and "mail" to disallow such services for
> special occasions. In praxis, teachers shouldn't tweak around with
> singular selcetions, but select one of a a list of predefined profiles
> (allow everything / ban adult stuff / kids only / ...)
I prefer this approach to offering a fine-grained selection.
I'll play around a little bit - especially with webmin - and then report back
to this list.
-- Dirk
Reply to: