Suggestions for ChromiumOS/Chromium policies

[The Mariocrafter]

Hello, I'm not exactly a manager at a school district but I have some simple requests for policies to implement. 

- AllowCtrlShiftQQ or whatever - disables the Ctrl Shift QQ keyboard sequence to log off ChromiumOS. This policy would be very useful, as there are many online documented instances of students abusing other student's ChromiumOS devices using this command. It is possible to disable the shortcut by overwriting it with a browser extension, but there should be a policy to disable it. See https://www.tiktok.com/discover/ctrl-shift-qq-and-more as evidence of this shortcut being abused. For the policy, there should be an option to disable it, and when pressed when disabled, a message will pop up saying that the administrator disabled it.

- AllowBarralRollEasterEgg - allows enterprise to disable the easter egg initiated when Ctrl+Shift+Alt+Reload is pressed, where the window spins. This may be useful in schools that have users getting distracted by the easter egg, however should otherwise remain on by default.

- AllowSpinningChromeLogoEasterEgg - allows enterprise to disable the spinning chrome logo in settings > about chromium/cromiumOS when you click on the logo. Since this is very trivial, it should be left on by default but institutions should be able to disable it if needed and when clicked when disabled, make the logo break similar to how the dinosaur gets hit by an asteroid when that easter egg is disabled and display a simple message.

- ArcAllowUnknownSources or whatever - Adds a button in ARC settings to enable the installation of APK files as you would normally do on traditional Android, this won't have any security issues due to the ARC ADB in Crostini already existing, but nonetheless this should be added. An example of an institution that would benifit is a coperation who is moving from Android-based tablets to ChromiumOS-based tablets or is using both in conjunction with one another, but relies on the installation of APK files from multiple sources on Android.

- ReportHistory - If My Activity is disabled, a business or school should be able to retrieve the Chrome browser history file in a user readable format.

- ReportDownloads - This report's the user's Downloads in Chromium to the administrator, as they are not synced another way. A use case is for schools investigating whether a student has downloaded pornography or extremist material such as Neo-Nazi content to the device

- ReportTrashInfo - Reports the metadata in every .Trash/info folder, explaining the date of deletion, name, and former path

of the file, and wether it still exists or not

- ReportFileList - Reports a list of files on the user's My Files content excluding the Linux and Play folders

- ReportCrostiniFileList - Ditto, but for "Linux files", only reported when Crostini has booted up to prevent the VM slowing down low-spec devices without the user's knowlege.

- ReportArcFileList - Ditto but for "Play files". Only reported while ARCVM is on.

- ReportParallelsFileList - Ditto but for Parallels files.

- ReportCroshHistory - Reports the contents of the .crosh_history file of the user actively running, useful when determining in the subject of a corporate data breach incident what people did in Crosh.

- CrostiniAllowGUI - Allows the disabling of GUI programs in Crostini, may be extremely useful for schools, as students will only be able to do Python programing on the Crosini VM for instance, and not be able to install games or unauthorized programs. When a GUI window is attempted to be opened, an error will say that the administrator disabled GUI. VNC could still be used to play games, but if all VNC apps are blocked on the play store, the game could only be streamed to a personal device, which at that point the user would opt to play games directly on the personal device instead.

- ReportCrostiniHistory - Reports the .bash_history of Crostini, again only reported when the user initiates the VM to prevent performance issues

- ReportCrostiniPythonHistory - Ditto but for the .python_history file instead. They are both text files with one command per line.