LinuxQuestions.org


DoomUs 05-31-2011 03:31 PM

Disabling Networking and Mounting Capabilities
 
I'd like to modify a Linux distro, specifically Puppy, so that the drivers/mechanisms for mounting local HDDs and networking are disabled completely.

A step further than simply disabling "auto-mounting" at boot time, I don't even want mounting to be possible (at least by default).

Likewise, further than just disabling network devices, I'd like to remove the ability to use network devices.

I'm somewhat new to Linux in general, so some background information would be helpful too. How are these "mounting" and "device drivers" mechanisms implemented, where are they, and what are my options?

Thanks a lot.

droyden 05-31-2011 04:32 PM

If you are disabling mounting you may have issues booting...

acid_kewpie 05-31-2011 04:38 PM

I think you'd do well to explain what sort of system you want to create at a much higher level. What you are asking for sounds kinda nuts to me. What does it mean to you to "use" a network device?

DoomUs 05-31-2011 05:16 PM

Well, the main idea is to have a live-cd that doesn't allow the user access to the internet, nor allow the user to listen to 802.11x via a wireless card. (Connecting to the internet, or any network, or sniffing are examples of network device "use").


Further, I don't want the Live-cd user to have access to any of the hard disks on the computer it's using, thus the disabling of mounting.

Quote:

If you are disabling mounting you may have issues booting...

Yeah, I "may", so disabling mounting altogether may not be the answer, but at least a mechanism for disabling mounting of local hard disks is what I'm looking for. Again, it's ideally a live-cd, and shouldn't need the local disks for anything.

estabroo 05-31-2011 05:22 PM

For networking you could just not compile them in the kernel or as modules, even going so far as to remove module loading in the kernel so someone couldn't bypass by adding a module.

Mounting is a bit tougher since it's needed for booting. You could have the mount command in the initrd/initramfs and not in the final root filesystem, but you'd need to move any filesystem checking into the initrd/initramfs. Since mount is a root-only command, is it really a problem, or will whoever have root access on the system?
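An added example, not part of estabroo's post or of Puppy's build scripts: a POSIX shell check that a kernel `.config` matches the build described above, with no network device drivers built in or as modules and no module loading. The symbol list is an assumption about what "networking" should cover on this live CD, and the sample config is constructed; `CONFIG_NET` itself is left alone because local Unix sockets depend on it.

```shell
#!/bin/sh
# Kconfig symbols that must be off for this build. The symbols are real;
# the selection is an assumption made for this example.
FORBIDDEN="CONFIG_MODULES CONFIG_NETDEVICES CONFIG_ETHERNET CONFIG_WLAN CONFIG_CFG80211 CONFIG_MAC80211"

# kconfig_state FILE SYMBOL
# Prints y (built in), m (module) or n ("is not set" or absent from FILE).
kconfig_state() {
    # The last assignment wins, as it does when a .config is re-read.
    val=$(sed -n "s/^$2=\(.*\)\$/\1/p" "$1" | tail -n 1)
    case "$val" in
        y|m) printf '%s\n' "$val" ;;
        *)   printf 'n\n' ;;
    esac
}

# audit_kconfig FILE
# Prints one SYMBOL=state line per forbidden symbol that is still enabled.
# Returns 0 when none are enabled, 1 otherwise.
audit_kconfig() {
    rc=0
    for sym in $FORBIDDEN; do
        state=$(kconfig_state "$1" "$sym")
        if [ "$state" != "n" ]; then
            printf '%s=%s\n' "$sym" "$state"
            rc=1
        fi
    done
    return $rc
}

# Constructed sample: module loading and wireless are still enabled,
# wired network drivers are already off, the CD-ROM driver stays in.
sample_config() {
    cat <<'EOF'
CONFIG_MODULES=y
# CONFIG_NETDEVICES is not set
CONFIG_WLAN=y
CONFIG_CFG80211=m
CONFIG_BLK_DEV_SR=y
EOF
}

# Stand-alone use: sh audit.sh /path/to/.config
if [ "$#" -gt 0 ]; then
    audit_kconfig "$1"
fi
```

Run it against the `.config` before building; any line it prints is a symbol to turn off in `make menuconfig`.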

acid_kewpie 06-01-2011 01:54 AM

Sounds like you just want to prevent root access, no? Remove sudo to be sure, and set an obscure root password and you are where you want to be.

Peufelon 06-01-2011 02:31 AM

@DoomUs:

Are you trying to create a "kiosk" using puppy linux?

DoomUs 06-01-2011 01:47 PM

Thanks everyone for your responses. @Peufelon, I'm not positive, but a "kiosk" idea seems like the direction I'm going.

@estabroo, Thanks a lot for your response, this was really helpful. What's involved in excluding the networking module from compilation? Does anyone have any good linux compiling tutorials that address these types of issues? Also, can someone explain the "mounting" solution @estabroo suggested a little deeper? I believe that it's a reasonable approach, but what's going on there, and why will it work?

By the way, I don't want to restrict root access altogether. It's assumed that the user has root access, and what they do with that is permissible. If they write new drivers for connecting to the network, or write code to mount on their own, I'm not concerned with that, I'm concerned with the "default" behavior, and that's all.

Thanks.

acid_kewpie 06-01-2011 04:03 PM

If they can write their own kernel modules they can easily put back in anything you might want to disable. I think your expectations aren't realistic.

DoomUs 06-01-2011 06:02 PM

@acid_kewpie, regardless of whether my expectations of users are realistic or not, my goals remain the same. Users have root access, and by DEFAULT, mounting is disabled, and Networking capabilities are removed.

frieza 06-01-2011 06:13 PM

Perhaps a little more detail on what your actual purpose is, as in how you actually intend to USE these machines? This sounds like something that could potentially be achieved with diskless workstations or live CDs on machines without hard drives?

Either way:
1) Linux only has one root account
2) only accounts approved to use sudo can actually do so, therefore you can prevent root access by simply not approving the restricted users from using sudo
3) no drive can be mounted without root privileges unless explicitly configured to do so, the exception being thumb drives, but this also can be disabled
4) the network can be disabled without disabling the modules, how varies from distribution to distribution

Unfortunately, what you have to do to lock down your system varies based on what your ultimate goal is for the systems, which you haven't exactly provided.

acid_kewpie 06-02-2011 01:03 AM

Quote:

Originally Posted by DoomUs (Post 4373571)
@acid_kewpie, regardless of whether my expectations of users are realistic or not, my goals remain the same. Users have root access, and by DEFAULT, mounting is disabled, and Networking capabilities are removed.

No, that's just not right. You need to work WITH the systems you have, not against them. Whilst with enough work it's surely possible to achieve what you want I'd imagine you'd be needing a heap of kernel development and the likes. Root access means you can do anything, that's the point of it, and whilst it sounds like you're in a position where you will have a persistent kernel that can't be wholesale replaced being on a livecd, I don't think it's at all realistic to want the bizarre system you're after.

Again, if this is to be used by someone who can write their own kernel driver, you are never going to lock down a system to beat them.

allend 06-02-2011 08:37 AM

How do you stop the user using a different LiveCD that will provide all the privileges that you are looking to remove?

DoomUs 06-02-2011 12:39 PM

I'm not concerned with what the user might do. I only want a live-cd that exhibits these characteristics. Whether they're bullet proof, or presumptuous I'm not worried about.

DoomUs 06-02-2011 12:40 PM

Quote:

Originally Posted by allend (Post 4374086)
How do you stop the user using a different LiveCD that will provide all the privileges that you are looking to remove?

I don't. I'm only concerned with my own live-cd.


All times are GMT -5.