LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 06-09-2005, 08:43 AM   #1
slug420
Member
 
Registered: Jul 2004
Posts: 68

Rep: Reputation: 15
addtl security measures


Obviously this is a huge topic so allow me to try to describe the situation
a little in hopes of narrowing it down.

We are trying to implement some suse workstations that will be as close to
thin clients as we can get them.

I installed suse 9.1pro and have worked extensively with KDE-Kiosk to lock
the users in fairly tightly, many of the users have nothing under the
"start menu" blank taskbars (please excuse the windows terminology) no
ability to right click anywhere and every method for accessing the command
line that I know of disabled.

I then installed Bastille which I BELIEVE is running correctly (looks like
it applied the options I selected) and am now looking to take some final
steps to make sure users dont have access to anything other than what they
absolutely need.

I notice when logged in as a user with a few more priveleges than described
above although still restricted by kiosk, that they cannot get to /root/
while browsing around (there is a locked icon on the folder) but they can
get to other folders and view contained files and it just wont let them
write to them. How can I lock them in their local directory so they cannot
get into anything else to poke aronud or view files without stepping on the
kde-kiosk profile files and wallpapers and icons that the users are using
in KDE (these files are located a few different places).

I assume the best solution is to put their wallpaper kde-kiosk profile
files, desktop shortcuts and anything else they need in their home
directory and lock them in there, but the desktops are identical across
multiple users so they all access the same shortcuts, have the same icons
and wallpapers and use the same kiosk profiles. Any ideas for how I should
set this up? And what is the best way to go about setting all these
folder/file permissions?

thanks for any guidance
 
Old 06-10-2005, 07:45 PM   #2
Capt_Caveman
Senior Member
 
Registered: Mar 2003
Distribution: Fedora
Posts: 3,658

Rep: Reputation: 69
You can usually lock users into their home dirs with some form of chroot (like chroot jails or restricted shells), but allowing them to browse into / shouldn't be a problem unless they can write or view important files like configs, which they nornally should'nt be allowed to view.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
linux kernel panic measures mimithebrain Linux - General 2 11-03-2005 08:00 PM
[Security Questions] Last Login, how good is this feature for security breach info? t3gah Linux - Security 2 06-14-2005 02:02 AM
todays requirements regarding security (not limited to linux security) markus1982 Linux - Security 8 04-25-2004 11:58 PM
additional firewall measures Syncrm Linux - Networking 1 04-18-2002 11:09 AM
Measures for accident!? Rex_chaos Linux - General 1 09-25-2001 01:12 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 01:49 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration