| 1 |
Am Mittwoch, 12. Dezember 2007 schrieb Grant: |
| 2 |
|
| 3 |
> I don't want the user to be able to do much of anything but browse the web, |
| 4 |
> use skype, and maybe look at photos on a CD or something. |
| 5 |
|
| 6 |
Maybe what you want can be achieved by running KDE in kiosk mode. However, |
| 7 |
never did this myself, so you should search kde.org or Google for the |
| 8 |
details. |
| 9 |
|
| 10 |
> I've noticed when adding this kind of a user in the past they are able to |
| 11 |
> look at files all around the system that I'd prefer they can't. |
| 12 |
|
| 13 |
Why? System directories look nearly the same on any Linux system, so it |
| 14 |
doesn't really make sense to restrict read access to them. For other, private |
| 15 |
directories you could take away permissions for "others" (i.e. chmod 750 |
| 16 |
mydir) and in addition _don't_ put that user in the users group, or use ACLs |
| 17 |
for more fine grained access control (see man getfacl, man setfacl). |
| 18 |
|
| 19 |
HTH... |
| 20 |
|
| 21 |
Dirk |
Archives