[vox-tech] Public Access Terminal
Darrick Servis
vox-tech@lists.lugod.org
Thu, 27 Mar 2003 16:50:41 -0800
On Thursday 27 March 2003 03:10 pm, Bill Kendrick wrote:
> On Thu, Mar 27, 2003 at 02:57:34PM -0800, Darrick Servis wrote:
> <snip>
>
> > On quit I thought it best to strip the history, cookies and cache and put
> > a sign on the terminal to let people know they can do that when they're
> > done to protect their privacy.
>
> Will you be able to keep people from browsing the HD, or saving files to
> it?
Well that's what I'm working toward among other things. I also want a good
user experience. I've been running opera on a slackware machine at DCTV and
haven't had any problems. Expect no one but me knows how to turn it on and
off. But that's not to say it couldn't have been more secure. I mainly
dealt with trying to make it run lean enough as it was a really slow machine.
Underneath everything I have four partitions:
/dev/hda1 / ext2 defaults,ro 1 1
/dev/hda7 /home ext2 defaults,nodev,noexec,nosuid 1 2
/dev/hda6 /tmp ext2 defaults,nodev,noexec,nosuid 1 2
/dev/hda5 /var ext2 defaults,nodev,noexec,nosuid 1 2
The longest most archaic root password I can come up with.
The box stripped of all binaries expect what is needed. no xterm, rxvt, etc.
Most likely the X wrapper will delete everything from /home and /tmp and
repopulate from a template. I may remove syslogd and make /var read-only if
I get really paranoid.