Tumblelog by Soup.io
Newer posts are loading.
You are at the newest post.
Click here to check if anything new just came in.

Using SELinux Kiosk Mode in Fedora 8

"The GNOME session will run as a very tightly locked down SELinux account, which can only be accessed via GDM. It is essentially authorized only to surf the web.

PAM namespace is utilized so that the session has private views of shared writable filesystem space (e.g. /tmp), while Sabayon is used to load a custom GNOME configuration.

Any local changes made by the user, such as writes to $home or their desktop settings will be lost after they log out."

Don't be the product, buy the product!