Fwd: Security aspects on kiosk mode with or without autologin
Forgot to send to list.
---------- Forwarded message ----------
From: Richard Nelson <unixabg@gmail.com>
Date: Thu, Mar 26, 2009 at 5:23 PM
Subject: Re: Security aspects on kiosk mode with or without autologin
To: Fredrik Israelsson <fredrik_is@hotmail.com>
Greetings,
On Thu, Mar 26, 2009 at 8:10 AM, Fredrik Israelsson
<fredrik_is@hotmail.com> wrote:
> Hi again!
> I was just wondering if I could get some comments on the security aspects
> involved when trying to choose between two different kiosk mode startup
> strategies. I am especially interested in comments that assumes that the
> kiosk computer is running an Live OS built using the live-helper.
>
> Alternative one:
> Start X and a full screen kiosk application at the end of the boot process,
> without logging in at all.
> Make the rc script that starts the application wait, and if the application
> is closed, shut down the operating system completely.
>
I would not use this model, but to each their own. See below for .xsession
> Altentative two:
> Enable automatic login and automatic start of an X session and the full
> screen kiosk application, maybe by listing the kiosk application as the one
> and only X client to be started (defined in .xinitrc?).
> Add a hook script somehow, that shuts the computer down upon exiting the
> application and/or the X session.
>
.xsessions script can do and just add metacity as a window manager
#!/bin/sh
/usr/bin/metacity &
kioskapp && sudo shutdown
There are also other ways by using gdm presession postsession so just
pick what you like.
> Is the one or the other more vulnerable to attacks, and in that case why?
>
> Regards,
> Fredrik
>
> ________________________________
> Lägg till karta och vägbeskrivning för din fest. Visa vägen!
Reply to: