Let’s say I want to enforce certain settings, such as the use of a proxy in network settings for certain users.
Isn’t this easily bypassable by for example by installing TOR browser or using a VPN app in the user space?
How does system mangers can be sure users will only use the system as planned by the sysadmin? I’m especially interested in network settings, but in general I would be interested to know more about this/be pointed towards the right direction.
Thank you!
Trying to “secure” a turing-complete computer system by some arbitrary limits like that will never work. Unless you manage to directly prevent traffic that isn’t going through your proxy, it’s all pointless as people will just hack stuff together, be it by downloading binaries themselves and placing them in the home dir, or even by running them in-memory.