[sane-devel] Setting up a dedicated machine to run scanner

kilgota at banach.math.auburn.edu kilgota at banach.math.auburn.edu
Fri Jan 19 22:48:02 CET 2007 

Hi,

I want to set up a dedicated machine in a semi-public location 
(departmental printer room in my university) which will do the following 
things:

1. allow people to use it freely to run the attached scanner and to do 
something with the output

2. output can be sent to the printer (which requires network access),  or

2a. sent by scp to another machine on which the scanner user has an 
account (obviously also needs network access), or

2b. copied to the user's USB flash drive which the user can be plugged 
into the back of the machine (obviously requires automatic mounting and 
umounting of said flash drive)

So, there is an obvious conflict between usability and security. I would 
say that it is not the right kind of environment to go making people to 
get an account on the machine; they should be able just to come and run 
the scanner. I would say that it should not be permissible to run any 
shell (by, for example, launching an xterm with a command prompt) and also 
it would be good to set up xsane so that it automatically clobbers the 
previous output file when a new scan is done, and the user who walks up to 
the machine cannot change that. Also, the save-the-file dialog should only 
allow the file to be saved in the scanner account's directory, or on the 
flash drive (which would require a hookup of the save-file dialog to mount 
the flash drive automatically and invisibly, but with a warning in case it 
has been attached, and to unmount it when the file has been copied, along 
with another warning if said flash drive is removed prematurely). 
Furthermore, the save-file dialog should only allow inspection of the 
scanner home directory and of the flash drive, not other directories.

Has anyone already done something like this? To what extent is it possible 
to configure xsane by means of an .rc file, which the user cannot alter? 
Also, how difficult would it be to get the "Help" key to give some help 
which is specific to the situation, telling the user what can and cannot 
be done, and how to do what can be done?

I have figured out how to do things like set up an account which will 
start X straightaway and will then do nothing but to run xsane, or perhaps 
a TCL menu box which will do nothing but offer certain options. But how 
much of what I want could be done inside of xsane, with custom 
configurations, without a major overhaul of source code?

Theodore Kilgore

More information about the sane-devel mailing list