View previous topic :: View next topic |
Author |
Message |
HydroSan l33t
Joined: 04 Mar 2004 Posts: 764 Location: The Kremlin (aka Canada)
|
Posted: Sat May 15, 2004 12:15 am Post subject: Fool Proofing XFCE4 |
|
|
My science teacher has had enough with my school's lack of support. Though it may be late, due to popular demand I'm bringing in my beefed up P-II 400MHz with 512MB of PC133 RAM with Gentoo on it to the classroom for everyone to enjoy. The crappy 266MHz PII's there have all but imploded, so the science teacher took me up on my offer.
Now, I need to know some serious fool-proofing measures or links to stuff that could help. I definitely want to use XFCE4, since both GNOME and KDE take wayyyy too much RAM, even for 512MB (Hey, it's a 400MHz, so don't expect it to be God.) So I need to know how to disable someone being able to:
1. Change any sort of settings, except for Audio.
2. Fool with anything like Firefox's settings.
3. Change the menu bar.
4. Even access the settings or SEE the root directory. _________________ I was a Gangster for Capitalism, by Major General Smedley Butler.
Server status: Currently down, being replaced with fresh install - 20% completed. |
|
Back to top |
|
|
andrewy l33t
Joined: 07 Apr 2004 Posts: 602
|
Posted: Sat May 15, 2004 1:46 am Post subject: |
|
|
You could probably do all that with the great command that is chmod.
Just make the configuration files readable but not writeable, it should work. |
|
Back to top |
|
|
HydroSan l33t
Joined: 04 Mar 2004 Posts: 764 Location: The Kremlin (aka Canada)
|
Posted: Sat May 15, 2004 1:54 am Post subject: |
|
|
So in the /home/student directory, I'd chmod everything except /home/student/Documents 755? Such as:
Code: | chmod -R 755 /home/student
chown student:users -R /home/student/Documents
chmod -R 755 /home/student/Documents |
Would that work? *theory* _________________ I was a Gangster for Capitalism, by Major General Smedley Butler.
Server status: Currently down, being replaced with fresh install - 20% completed. |
|
Back to top |
|
|
andrewy l33t
Joined: 07 Apr 2004 Posts: 602
|
Posted: Sat May 15, 2004 2:52 am Post subject: |
|
|
Depends who the files are owned by.
755 will let the owner write to the files, but won't let anyone else write to the files. That *should* work fine, as long as the files aren't owned by the user you're having people login as. |
|
Back to top |
|
|
Angrybob Guru
Joined: 19 Apr 2003 Posts: 575
|
Posted: Sat May 15, 2004 2:16 pm Post subject: |
|
|
I think it would be better if you just had a read only backup of the default settings and then every login you could trash the home folder and replace it with a fresh config |
|
Back to top |
|
|
Roptaty Apprentice
Joined: 12 May 2002 Posts: 184 Location: Norway
|
Posted: Sat May 15, 2004 2:33 pm Post subject: |
|
|
andrewy wrote: | You could probably do all that with the great command that is chmod.
Just make the configuration files readable but not writeable, it should work. |
How would applications react if they were unable to write out cache and other temp files?
I support angrybob's suggestion, but what about terminals that have loginshell set. Will execution of these cause the homedirectory to be recreated/restored?
Let the user change everything in their home directory. In the end of the day, run a cronjob or something similar that resets everything, using a skeleton directory, deleting or overwriting every file that has been changed.
Regarding XFce. I think XFce supports KIOSK mode. I vaguely remember reading something about this. Check the docs. _________________ This signature will selfdestruct in ten seconds...
ten - nine - eight - seven - six - five - four - three - two - one - BSOD (System crashed, please restart the self-destruct sequence) |
|
Back to top |
|
|
andrewy l33t
Joined: 07 Apr 2004 Posts: 602
|
Posted: Sat May 15, 2004 4:59 pm Post subject: |
|
|
I didn't say to chmod *everything*, only the configuration files. If you chmod the whole home directory, the apps may work, but you'll get alot of errors. It's better to just make sure the user can only write to a few directories, which are emptied when the user logs off. |
|
Back to top |
|
|
|