On Tuesday 10 May 2005 19:19, Gavin McCullagh wrote: > Hi, > > I was wondering would a preconfigured kiosk account be a nice addition to > the default sarge install. I think so > Ideally, the settings should be moreorless fixed, it would be possible to > run many mozilla instances on different displays without seeing the > profile dialogue. I guess I'm asking for the KDE Kiosk Framework. I have no idea about locking down mozilla, but we can lock konqueror and KDE down with the kiosk framework just fine. > Has > anyone used it in debian-edu? It appears the kiosk stuff has changed > radically between kde2 and kde3. kiosk framework was new in kde2 > Is it too late to be mentioning this for sarge? think so (should be no problem to create something that works on both sarge and etch though) > Any suggestions as to how this would best be done? Could it easily be > done in a standalone package or should the LDAP database, etc just have > it from the start? can be done in a standalone package, the problem breaks down in 3 parts: 1) exactly what kind of setup do we want, what should be possible, what shouldn't, what do we not care about -> this is the hard part 2) implementing what's decided in 1) into a kde-profile (basically a directory with similar layout to ~/.kde,) -> just takes some effort (I'm willing to do this, given 1) 3) add the directory containing 2) in front of KDEDIRS whenever you want that setup activated -> my desktop-profiles package offers a generic way to do this (currently in my homedir on developer.skolelinux.no, should be in debian proper soon, as I found a sponsor for it at the devcamp in Valencia) things you can lock down in kde: - all settings in configuration files - all actions (more or less everything that has a menu or toolbar item + some general things like shell_access - certain url's (url's include everyting that can be accessed through kde's ioslaves mechanism), can also be redirected - access to controlcenter modules (note kiosk is off course to be used in addition to normal unix security measures) -- cobaco (aka Bart Cornelis): Coördinator Belgisch Skolelinux team Coördinator Nederlandse Skolelinux vertaling
Attachment:
pgpFhvdGTSDt2.pgp
Description: PGP signature