On Thu, Mar 26, 2009 at 11:07 AM, James Rankin <kz2...@googlemail.com> wrote:
> My initial idea, in the interests of security and ease of
> management, was to use something like Ubuntu PCs running VMWare Player to
> launch some sort of browser appliance in read-only mode.

  I'd only use a VM if I wanted the users to have relatively free
rein on the machine during their session -- that way I could roll it
back after.  If you just want a web browser, I think it's prolly
easier to just configure a restricted user.  That way they can't even
muck around with stuff *during* their session.

  I'd use something like LTSP (Linux Terminal Server Project) or
ThinStation.  I'd set up one server to push DHCP, boot files, and (if
needed) network file systems out to the clients.

  I'd use a user account on the clients that's got a mostly read-only
user home directory.  (Unlike Windows, Unix will generally work even
if the user's home directory isn't owned or writable by them.)

  I think the only things that the user would *need* to be able to
write to would be /tmp/ and the browser cache directory (typically
something like $HOME/.mozilla/firefox/default/cache/).  I'd suggest
having them use USB flash drives if they want to be able to write or
save files.

  If you have to provide a writable directory, just grant write to
$HOME/Desktop or something like that.  And warn them their work won't
be saved between sessions.

  I'd configure conservative browser settings, and then lock them
against changes.  With Firefox, this is done by changing the
user_pref() or pref() directive to lock_pref().  Possibly use a kiosk
mode configuration.

  I'd mount the home and /tmp partitions with the "noexec" option, so
if the user did manage to download a program, the system would refuse
to execute it.  It should be possible to tell the auto-mounter to add
"noexec" to any USB drives as well.

-- Ben
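As an added example (not from Ben's mail, nor from the LTSP, ThinStation or Firefox projects), here is a small POSIX shell audit for two of the points above: checking that the home, /tmp and USB mounts really carry "noexec", and turning a draft of pref()/user_pref() lines into the lockPref() form that Firefox's autoconfig file (mozilla.cfg) uses to pin settings against change. The mount table and pref lines are constructed sample data, and the function names and the mozilla.cfg/autoconfig.js file layout are assumptions for illustration.

```shell
#!/bin/sh
# Added example (not from the original mail): audit helpers for a locked-down
# browser kiosk. All sample data below is constructed.

# Constructed /proc/mounts-style lines: device mountpoint fstype options dump pass.
# /home and the USB stick carry noexec; /tmp was forgotten.
SAMPLE_MOUNTS='/dev/sda1 / ext4 rw,relatime 0 0
/dev/sda2 /home ext4 rw,nosuid,nodev,noexec,relatime 0 0
tmpfs /tmp tmpfs rw,nosuid,nodev,relatime 0 0
/dev/sdb1 /media/usb0 vfat rw,nosuid,nodev,noexec,uid=1000 0 0'

# mount_has_option MOUNT_TABLE MOUNTPOINT OPTION
# Exit 0 if MOUNTPOINT appears in the table with OPTION in its option list,
# 1 otherwise. Options are compared whole, so "noexec" does not match "exec".
mount_has_option() {
    printf '%s\n' "$1" | awk -v mp="$2" -v opt="$3" '
        $2 == mp {
            n = split($4, o, ",")
            for (i = 1; i <= n; i++) if (o[i] == opt) found = 1
        }
        END { exit found ? 0 : 1 }'
}

# noexec_report MOUNT_TABLE MOUNTPOINT...
# Prints one line per mount point and returns the number of mount points
# that are missing noexec (0 means the kiosk policy holds).
noexec_report() {
    table=$1
    shift
    fails=0
    for mp in "$@"; do
        if mount_has_option "$table" "$mp" noexec; then
            echo "$mp: ok (noexec)"
        else
            echo "$mp: MISSING noexec"
            fails=$((fails + 1))
        fi
    done
    return $fails
}

# Constructed draft of browser settings written with user_pref()/pref().
# Left like this, a user could still change them from about:config.
SAMPLE_PREFS='user_pref("browser.startup.homepage", "http://intranet.example/");
pref("browser.download.useDownloadDir", true);
user_pref("javascript.enabled", true);'

# to_lockpref PREF_LINES
# Rewrites pref(...) and user_pref(...) directives into lockPref(...), the
# autoconfig directive that makes a preference read-only in the UI.
to_lockpref() {
    printf '%s\n' "$1" | sed 's/^user_pref(/lockPref(/; s/^pref(/lockPref(/'
}

# write_mozilla_cfg PREF_LINES
# Emits the contents of mozilla.cfg. Firefox skips the first line of this
# file, so it is conventionally a // comment.
write_mozilla_cfg() {
    echo '// kiosk lock file (first line is skipped by Firefox)'
    to_lockpref "$1"
}

# write_autoconfig_js
# Emits the contents of defaults/pref/autoconfig.js, which points Firefox at
# mozilla.cfg in its install directory and disables the legacy obscuring.
write_autoconfig_js() {
    echo 'pref("general.config.filename", "mozilla.cfg");'
    echo 'pref("general.config.obscure_value", 0);'
}

# Stand-alone demo run.
noexec_report "$SAMPLE_MOUNTS" /home /tmp /media/usb0 || echo "$? mount(s) lack noexec"
echo '--- mozilla.cfg ---'
write_mozilla_cfg "$SAMPLE_PREFS"
echo '--- autoconfig.js ---'
write_autoconfig_js
```

On a real client, feed `noexec_report` the output of `cat /proc/mounts` instead of the sample table, and install the two generated files under the Firefox installation directory (mozilla.cfg at its top level, autoconfig.js under defaults/pref/) owned by root so the restricted user cannot edit them.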
