1 |
Am Mittwoch, 12. Dezember 2007 schrieb Grant: |
2 |
|
3 |
> I don't want the user to be able to do much of anything but browse the web, |
4 |
> use skype, and maybe look at photos on a CD or something. |
5 |
|
6 |
Maybe what you want can be achieved by running KDE in kiosk mode. However, |
7 |
never did this myself, so you should search kde.org or Google for the |
8 |
details. |
9 |
|
10 |
> I've noticed when adding this kind of a user in the past they are able to |
11 |
> look at files all around the system that I'd prefer they can't. |
12 |
|
13 |
Why? System directories look nearly the same on any Linux system, so it |
14 |
doesn't really make sense to restrict read access to them. For other, private |
15 |
directories you could take away permissions for "others" (i.e. chmod 750 |
16 |
mydir) and in addition _don't_ put that user in the users group, or use ACLs |
17 |
for more fine grained access control (see man getfacl, man setfacl). |
18 |
|
19 |
HTH... |
20 |
|
21 |
Dirk |