On Thu, Mar 23, 2017 at 2:08 AM, Masood <masoodhussai...@gmail.com> wrote:
> > Is it possible through guacamole to restrict the user interaction with the > remote Desktop? I don't want to give full access to the user. I want to > limit his interaction with the application. > > You would want to implement any such restrictions within the remote desktop server itself. Attempting to enforce such restrictions on the client side (within Guacamole) would likely prove infeasible / too easy for a user to get around. > I want user to interact with the specific application(application ideally > should open automatically when user access the remote computer) for > evaluation purpose but he should not be able to close or minimize the app > (For example when the user clicks on the top left or top right corner of > application nothing happens as it is out of range for him). > > Keep in mind that, from the perspective of Guacamole or any other remote desktop client, the close button is no different than anything else on the screen; it's an image. Once the incremental changes describing the contents of the screen are received by Guacamole, all semantic details of that data is absent. Only the remote desktop itself is aware of the fact that a particular application has buttons of any kind, whether it should open that application automatically, etc. In the case of RDP, there is native support for opening applications upon connection, but preventing the user from closing that application would need to be configured within the OS or the application in question. RDP and the RDP client will not be able to prevent this. For VNC and Linux, the VNC server operates as an X11 server, and there is no need for you to run a full desktop environment. If you restrict the server to just the application you want and some window manager, then that would be a start, but again you'll need to implement any further restrictions within the OS or the application. Can this feature be implemented through the client or through HTML5 or is it > not possible. > > It's not advisable, since any such restrictions would be trivial to circumvent. You wouldn't want to restrict the ability to close an application or open other applications purely through preventing (for example) mouse clicks to certain locations; you'd want to have the application itself refuse to cooperate, and the environment around the application refuse to do anything but run that application. - Mike
