Hi all,
Thanks for your responses.
Mithun - regarding your suggestion to update to the latest patched release, I generally agree that this is a good idea, and I see that some interesting and important issues have been addressed in these patches. However, I do not see that my specific issue has been addressed in these patches, so updating to the latest release is not a high priority for me.
Rafeeq - they add the files using the Add button in the View Quarantine screen on the client.
Kurt G. & Ldimple - thanks for the link to the document describing how to lock down the SEP client interface. I don't want to hide or totally disable the SEP client icon, since I like that when I walk through the labs I can see that SEP is running and has a green (updated) icon.
My only option appears to be assigning a password in order to open the client (as many of you suggested). I don't love that option, because I often have to chide students for not running or updating whatever AV product they have at home (many are apparantly not doing so, as they keep bringing in viruses on their USB thumb drives), and by easily accessing the SEP console they can see what an antivirus looks like as well as see that AV definitions by us are constantly being updated.
However, I will consider setting a password if I see that more students are taking advantage of the Quarantine issue that I described. I found the issue myself a while ago while doing testing, but so far only 1 student has discovered it.
Regardless, I still think that when manually adding a file to Quarantine, SEP should check to see if the current user has Delete permissions to that file. I would appreciate it if the Symantec employees here bring this issue to the development/engineering people for consideration.
Kurt - by the way, Beppe is correct, students don't give a hoot about "company policies". I have a hard enough time keeping them from bringing food into the computer labs, and I know from experience that they'll click on anything they can.
Thanks,
-Michael