There are several classes taught in LIS which require specialized computer tools. One such class, LIS353, has students install and configure a web server as part of the instruction. Other classes require advanced document processing functionality.
For the price and performance, linux was by far the best choice for students to work with. The performance of software under linux is quite good. Linux can handle running multiple web servers from one machine with virtually no slowdown. Although some recent GUI's such as KDE and GNOME require extensive processor usage to operate, a linux server-only system will typically run on older, slightly outdated hardware far better than alternative OS's run on the latest hardware. As a bonus, the cost of a great deal of linux/unix software is $0.00. This is a good price for anyone on a budget. One major problem seems to exist, however, and that is security.
Because of linux's power, it is easy to have a linux machine perform tasks such as sniffing. This is obviously not desirable on a campus network. Therefore, the security of the systems must be maintained. One common misconception is that linux is less secure than other OS's. This is not fundamentally true. Linux does provide an infinite number of methods for configuration. Therefore, it is possible to either intentionally or unintentionally misconfigure a system and have a security hole. Of course, someone configuring a linux system also has many ways of handling security issues, and is often able to compensate if one particular method proves dangerous.
The best way to absolutely guarantee that nobody will breech security on your computer is to unplug it and put it in a bank safe. Of course, that's not very useful. Giving every student full root access would make the job of installing much easier, however the security would be non-existent. Somewhere in the middle is where security should be. Linux, fortunately, has the ability to operate in this middle ground. To figure out exactly where the line should be, we came up with a few basic principles.
First, we assume that no student would maliciously breech security on any system. While this may not be 100% true, it is a good starting point. Further, if a student were to be caught attempting to breech security, we would be able to take disciplinary action.
Second we assume that students may unintentionally set up servers which have security problems. In the event this happens, the damage must be minimal to the system as a whole.
The network and outside world are hostile to our servers. The possibility of someone packet sniffing traffic into or out of our servers is quite real.
The first design principle was to eliminate potential problems from sniffers anywhere on the net. To accomplish this, any service which requires a password must not accept cleartext. Therefore, telnet and ftp were disabled, but ssh and sftp were allowed. Also, any service which was unnecessary was disabled. For example, the machines did not need to run a mail server, or xdm, or an IRC server.
To minimize any effects of a student misconfiguring a server, several steps were taken.
In short, a system was set up with 5 login servers for load balancing, a closed-to-login web server, and a closed-to-login LDAP server for student use. The system was designed to minimize effects of students who unintentionally misconfigured something, or from outsiders wishing to break in. The system still allows a large amount of flexibility and is a valuable instruction resource.