I am struggling with a unique challenge here. For security, I am forcing screen recording for all Rescue sessions. I write them to a CIFS share on our network. One goal that I have is that I would not like the technicians to be able to read the video recordings after the session ends.
For this reason I set permissions on the share so that all technicians only have write access. However, I ran into a problem when testing. I have configured Rescue to only allow remote control if the session can be recorded, and thus there is a test file written by Rescue to the recording destination prior to establishing the remote control session. Though the write is successful, what I found is that Rescue reads the test file after writing to ensure the write worked.
So with write only permissions this step fails, however I then worked around this by giving read/write permissions to the technicians on the test file, but still only write permissions on the recording directory. This worked, however what I found was that once a session is established by an additional user, the test file is overwritten, and the permissions I had applied on it are reverted to defaults, which means all of the other technicians lose their read/write on it.
At this point, the only way I can see to make this work is to grant read/write permissions on the recording directory for all of the technicians, and have the permissions inherited for new files in the directory. However, this then means that technicians would be able to replay the recordings after a session ends.
Is anyone else trying to do something like this, and if so how are you doing it? I am looking for a creative solution to make this work without giving technicians the ability to view the recordings.
