Tips on Local User Security
Hello,
Sorry, I'm not sure I posted this in the wrong forum, if not please suggest another forum. I'm trying to set up a machine at my School where Students can surf the internet but do nothing else. So I need some tips on what to 'lock' down and how to do it (I'm a linux Newbie). I'm also need some help making the computer boot up straight to a web browser, and not giving them access to anything else, including a command line. Do anyone know of any good how to's? So far I've found a document called "The Linux Public Web Browser mini-HOWTO" Thanks, Matthew Collins |
You can configure a firewall to block everything except, then add ports 53, 80, and 8080 to the allow ports list.
As for making it only a browser... I guess you could create a user account and remove all their access rights... then open the browser using your root password... then they couldn't open much at all I don't think. |
Thanks, I'll look into the firewall...what Linux Distro would you suggest?
Matthew Collins |
Any distro would do, use one that you're comfortable with. As for locking down the system, you could put them in a chroot jail, with the necessities. Try 'man chroot' and google it for more information. As for ports 53, 80, and 8080, I see no reason to have such ports open, what is your reasoning for this? And your school's switches should provide all the protection from the outside you would need...
|
Thanks, I'll look into Man Chroot.
Also, I don't have problem with external security...it's more the students doing things to the computer locally, e.g. while they're using it. Matthew Collins |
All times are GMT -5. The time now is 11:17 AM. |