Hi,
I'm attempting to set up a web kiosk for a public user scenario (on Lucid if that makes a difference). My ultimate goal is to allow users access to the Internet using Firefox 8 while allowing them no customization whatsoever. My original thought was to make the kiosk user's whole home directory and its contents read-only, but I realized that method would be very rough-around-the-edges and probably cause problems, so I did some Googling and came up with a better way. So far I did the following:
- Remove all panel items except a Firefox launcher, a window list, and a button to show the desktop
- Lock down said panel with Pessulus
- Use lshell as the user's shell (simply an obsessive, added security measure; the users can't get to the terminal or execute custom commands anyway, but should anybody hack it they'll only have access to the most basic commands (like
))Code:ls- Disable keyboard shortcuts (except the most basic ones)
- Lock down Firefox using a variety of different settings and extensions (Public Fox, two different menu editors, a keyboard shortcut editor (with a rather creative way of disabling certain shortcuts), always-on private browsing, among others)
- Disable background change using command
Code:gconftool-2 -t bool -s /apps/nautilus/preferences/show_desktop false
During my testing, I've found two places for customization that need to be fixed:
- While Firefox toolbars themselves cannot be customized, their visibility can be toggled by right-clicking and checking/unchecking the toolbar name
- Right-clicking on the panel, there's an "about" option which opens the Ubuntu help dialog...which contains bookmarks and preferences
I know these aren't major problems, but I'm OCD about this sorta stuff and need to lock those two settings (along with any others if anyone can think of something I missed). If I were to make only certain config files read-only, which ones would I lock to prevent those settings from being changed. I don't care if the users can change the settings as long as they don't "stick," for lack of a better word.
Bookmarks