[TAG] Locking down a Linux box
Kapil Hari Paranjape
kapil at imsc.res.in
Tue Jun 13 10:38:33 MSD 2006
Hello,
On Sun, 11 Jun 2006, Faber J. Fedor wrote:
> Hey Guys,
>
> Well, maybe "locking down" isn't the right phrase but I'm not sure what
> the right phrase is which is why I'm stumped.
>
> I want to boot up a Linux box, go into X and run my application, let's
> call it FaberOffice, and run nothing else. Nada. Zip. FaberOffice is to
> be the only thing running and the only thing that can run.
1. You want to run only one application and it's main window should
run in fullscreen mode. That suggests "ratpoison".
2. I presume you want the transient windows to emerge with focus in the
centre of the screen. If your app has transient windows that don't
behave well with WM_HINTS then you must exclude ratpoison. (For
example GIMP and ratpoison do not get along).
3. You want to disable all key-bindings. You might be able to
configure or hack ratpoison to do that.
4. Finally you want to disable the running of any other applications.
This suggests that the path be restricted using "rbash" as the shell.
Another possibility (to ratpoison) is "ion" with minimal features and
modules loaded. You may be able to configure ICEWM or FVWM to do this
as well.
Regards,
Kapil.
--
More information about the TAG
mailing list