Advertisement
Promo

Enterprise open source Toolkit

Story: Secure open source desktop gets public funding

  • Previous comment

Posted by: Olav Petri (Wednesday 1 June 2005, 8:01 AM)

  • Reply

Easy. Don't use Intel. Mount all writeable partitions noexec and all partitions with executables read-only. Use a restricted shell by default and run KDE (or fluxbox) in kiosk mode. Maintenance is done using sudo, and if necessary calling a non-restricted shell or temporarily re-mounting the partitions with new options. Some compact flash units even have a hardware based r/w switch - use that.

If the CPU is sufficiently powerful, then you can also encrypt directories or partitions.

For kiosks, make sure the user is not the owner of their home directory or key configuration files.

  • Previous comment

  • Reply to this comment
  • Return to story
  • Report this as offensive


Full Talkback thread


Video icon

Video

Discussions

roger andre roger andre

Murdoch versus the Net? Game on.

Friday 13 November 2009, 12:06 AM

11 comments
CA CA

Murdoch versus the Net? Game on.

Thursday 12 November 2009, 11:54 PM

11 comments
CA CA

Novell’s Mono Tools tunes up for stere...

Thursday 12 November 2009, 11:27 PM

1 comment
CA CA

We'll see eh...

Thursday 12 November 2009, 11:20 PM

1 comment

Skip Sub Navigation Links to CNET Brand Links

Help

Become part of the ZDNet community.

Newsletters