Re: [Hampshire] Locking down a gnome machine

Top Page
This message is part of the following thread:
M++\the complete thread tree sorted by date
MMMMPeter Brooks at <-
.M 

Reply to this message
Author: James Courtier-Dutton
Date:  
To: Hampshire LUG Discussion List
Subject: Re: [Hampshire] Locking down a gnome machine
On 13/04/07, Peter Brooks <peter@???> wrote:
>
> Firstly I'd like to ask if anyone can see any holes in my security
> config and then I'm asking for any more recommendations to lock down
> the machine.
>
> One loophole I can see is that a user can create launchers still,
> hence they can create launchers and launch programs. One thought of
> mine around this is to change ownership of Desktop to root and stop
> them modifying the desktop.
> Though it's a bit rough.
>
> Another thing I'd like to disable is the ability to edit the
> applications menu, but a user can still right click on the main menu
> and select edit menu.
>
> Cheers for reading my paranoia.
>

I would look into KVM if I was you. It is a virtualisation method like
vmware and xen.
You could then have an environment for the users that they can mess
with as much as they like. The benefit is that you can just remove all
the applications and tools, like the launcher add tool from the
virtual machine, while leaving them available to you if you need to do
some admin.


This message was posted to the following mailing lists:
Hampshire LUG
Mailing List Info | Nearby Messages		<-Re: [Hampshire] Deaf Lug its problems[Hampshire] Dysphonic LUG->
Hampshire LUG Mailing List Archive administrated by WebmasterLurker (version 2.3)