Linux - SoftwareThis forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Since I’m the only Linux user in the shop, I have been asked to put together a little test project. Unfortunately, I’m a newb and need some direction.
Here are the params, any advice would be great.
These are older PCs that sit on a winblows domain. Each has a 2GB processor, a gig or RAM, and usually about a 40GB hard drive.
I need to set them up so:
1) After login through KDM / GDM, Firefox fills the entire screen &
a. Only allows access to 3 predetermined websites (via Bookmarks?)
b. Any attempt to enter other URLs will default back to Homepage.
c. User cannot minimize Firefox or access desktop at all.
2) User will not have access to:
a. A task bar, any other apps, system services, or settings.
b. Logon / logoff capability (Start button or similar)
c. CTRL+ALT+DELETE or similar will bring up KDM / GDM, but only root account may reboot or shutdown the system.
d. Any other options on the “File Edit View…” bar (Only Bookmarks)
3) User cannot have the ability to mount floppies, thumb drives, or other external devices at all.
4) Machines are accessible via some kind of GUI based, secure, Remote Desktop or similar across winblows domain.
Can anyone recommend a distro? What really needs to be removed to make it more secure? Has someone already come up with something like this?
Since I’m the only Linux user in the shop, I have been asked to put together a little test project. Unfortunately, I’m a newb and need some direction.
Here are the params, any advice would be great.
These are older PCs that sit on a winblows domain. Each has a 2GB processor, a gig or RAM, and usually about a 40GB hard drive.
I need to set them up so:
1) After login through KDM / GDM, Firefox fills the entire screen &
a. Only allows access to 3 predetermined websites (via Bookmarks?)
b. Any attempt to enter other URLs will default back to Homepage.
c. User cannot minimize Firefox or access desktop at all.
2) User will not have access to:
a. A task bar, any other apps, system services, or settings.
b. Logon / logoff capability (Start button or similar)
c. CTRL+ALT+DELETE or similar will bring up KDM / GDM, but only root account may reboot or shutdown the system.
d. Any other options on the “File Edit View…” bar (Only Bookmarks)
3) User cannot have the ability to mount floppies, thumb drives, or other external devices at all.
4) Machines are accessible via some kind of GUI based, secure, Remote Desktop or similar across winblows domain.
Can anyone recommend a distro? What really needs to be removed to make it more secure? Has someone already come up with something like this?
Thanks!
The short version of what you want is "kiosk mode". Firefox can be set to use the full screen, no task bars or buttons, and if you stop the auto-mount daemons, no external devices can be mounted, unless you're root. And you can limit the shutdown/reboot capabilities to just root, when you build the box.
Remote access can be done via VNC connection, too. The only sticky point I can see is the "only allow access to 3 websites". Since websites can theoretically run on any port, you can't just block port 80 (which WILL get most websites), so you'd probably have to run squid, and blacklist EVERYTHING, except those sites.
How you do all of this depends on the distro you pick. This http://www.linuxjournal.com/article/7718 is a bit old, but KDE supports kiosk mode, and is common across whatever distro you pick. I'm confident that Gnome has similar capabilities...
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.