Well the other suggestions may work I guess. Well except for the part about denying the user write access to their home directory - how's the Firefox profile going to get created huh? Also if a user owns the folder they can do whatever they like with the files contained in it, regardless of who owns those files.
This is the way I do it. (Note _do_ it, not would do it, I have created such a user.)
Log in as the user. Install the
r-kiosk plugin. You may also want to consider
tab killer and
noscript.
In the user's home directory create a file called .xinitrc and in the file put one line
firefox
create a symbolic link to .xinitrc called .xsession. This fixes an issue where the user may be able to get a full desktop environment by specifying it a particular session at the login screen.
Log out as that user.
Set the user's shell to /bin/false to prevent logins on a text console.
That will give you essentially what you want to do though you may need to tinker a bit. If you want to be more paranoid you can get in to ripping stuff out of Firefox that you don't want people to be able to access, like remove the file picker and print dialogues and stuff. In my set up the user has no password and KDM is rigged to allow password-less login. The idea is that people can login with a specific username without a password and they get a Firefox only session that opens at the page where they can activate their own user account. Firefox is locked to to the extent that they cannot access sites outside of our domain. I use a separate copy of Firefox from the one people run when they usually log in due to the extent of the customisation. Also the account is rigged such that all the settings are deleted when the user logs out and the permissions are set up such that the user does not own the .xinitrc and .xsession files (or their own home directory - there's some trickery here with groups) so even if someone does manage to get a shell they cannot delete them. Also I have an init script which deletes the home directory at boot and recreates it just for good measure. I have some notes on all this if you're interested but they're a bit rough.