[K12OSN] Lockdown of users
goblin at scooter.co.nz
goblin at scooter.co.nz
Fri Oct 1 05:24:01 UTC 2004
norbert wrote:
> Hi,
>
> If when I create new users and their default profile is taken from
> /etc/skel/ could I make custom entries in /etc/skel/ and chown all the
> files to "admin" or "root" to prevent the little monsters from modifiing
> their desktop, specifically removing icon and launch bar ?
any normal files in a directory may be deleted by the owner of the
directory regardless of who owns the said files.
An exception to this is if chattr -i has been used.. from the chattr man
page
<snip>
A file with the `i' attribute cannot be modified: it can-
not be deleted or renamed, no link can be created to this
file and no data can be written to the file. Only the
superuser or a process possessing the CAP_LINUX_IMMUTABLE
capability can set or clear this attribute
</snip>
Be careful with this as a lot of stuff in the $HOME directory requires
the user to be able to write to it.
I'm sure Gnome and gconf allow you to set these things in stone anyway
which might be a better solution.
mRgOBLIN
More information about the K12OSN
mailing list