On Sun, 6 Feb 2005 11:03:46 +0100 Zacharie Elcor <zelcor@xxxxxxxxx> wrote: > On Sun, 6 Feb 2005 09:18:37 +0800, Robert Storey > <y2kbug@xxxxxxxxxxxxxx> wrote: > > On Sun, 6 Feb 2005 01:28:50 +0100 > > Zacharie Elcor <zelcor@xxxxxxxxx> wrote: > > > > > I want to create a restricted user without password that can only > > > use a web browser. > > > I added a user named "visitor" and created in his home dir a file > > > .xsession that contains: > > > > > > firefox > > > > > > so that when he logs in, firefox is launched, and when he closes > > > firefox, he is logged out. > > > This works fine but he is still able to ctrl+alt+F(1-6) and log in > > > to browse the file system. > > > > > > To prevent that, I tried to set /bin/false as the default shell > > > for that user in /etc/passwd but this also prevented him to log in > > > graphically. > > > > > > Is there a way to be sure that "visitor" will only be able to > > > browse the web and not the file system ? any security issues ? > > > > > > Thanks for help > > > > A relatively way to do this would be to use rbash (or "bash -r") as > > the user shell. For details, see "man bash" and search on the word > > "restricted". > > I tried that but this had the same effect than using /bin/false as the > default shell I'm surprised that rbash didn't do what you wanted, but whatever. The only other thing I can suggest is that KDE has a "kiosk" mode. I haven't tried it though, but have heard that it's good. cheers, Robert
