Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Hi, i own a internet cafe that used to have windows installed in every computer but i decided to use linux instead. So i'm using CCL for the administration and everything is ok. My question is, what kind of security measures should i use in every computer to avoid users from damaging the pc. I wnat to do what i did when i had windows installed, not allowing entering in the control panel, not running certain programs, etc. So can anyone give me an idea about a program or tutorial that could help me? Thanks for any answer i may get.
Your main protection will be proper use of file permissions. You set up your file permissions so that your users can only access the few programs and data files that you allow them to use. Here is a tutorial on file permissions:
Hi, i own a internet cafe that used to have windows installed in every computer but i decided to use linux instead. So i'm using CCL for the administration and everything is ok. My question is, what kind of security measures should i use in every computer to avoid users from damaging the pc. I wnat to do what i did when i had windows installed, not allowing entering in the control panel, not running certain programs, etc. So can anyone give me an idea about a program or tutorial that could help me? Thanks for any answer i may get.
Everything i want to tell you is pretty long ... 2 things - if you just let everyone get into it by using a regular nonroot name and p/w , I think it would solve a lot of problems.
2. LTSP project is something that can maybe help you. Linux terminal server project.
In order to do anything serious to your boxes, they'd need root access.
You should patch your kernels with grsec/PaX to prevent the use of local root exploits and other malicious software, put them in a chroot and keep your systems updated (kernel + distribution). You have the alternative of using DeepFreeze as well. Here is their official site: http://www.faronics.com/html/dflinux.asp
It was used around here in internet cafe's, running Windows though.
You would then have thin clients which can get booted with a new OS every day or when someone logs off. Removing any damage they caused if they did. Also keeping it up to date would be easier since you just have one global image that they boot off.
1. not only deny root access, uninstall sudo if it is installed, that could get ugly.
2. I have a friend thats a network administrator that setup a server that has virtual computers on it (i.e. VirtualBox), and the computers throughout the building are actually running VirtualComputers "projected" to their computers from the server. This would enable you to monitor their actions, as well as giving them a familiar environment. Also, you should be able to set it up so whenever you reboot the virtual machine, it restores your previous system, eliminating viruses and changes the user made. And, since your server would be running Linux, you could use a Linux firewall.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.