[Techtalk] Protecting spouse, kids from each other and limiting access
Jeff Dike
jdike at karaya.com
Fri Sep 27 19:21:15 EST 2002
Have you considered dumping the munchkins into virtual machines? Stick
them in there, and they only have access to what you explicitly give them.
This would effectively decouple class 1 from the other 3, which should
simplify the problem somewhat.
As for what to use for a VM, see http://user-mode-linux.sf.net
agoats at compuserve.com said:
> 1) kids: need access to /home/username only; can't view anybody else's
> directories, do NOT have access to ppp/chat, are blocked from certain
> directories/devices. These are my munchkins ages 6 and 8. Internet
> access supervised. I plan on kde for their desktop.
Virtual machines for these guys.
> 2) users: need access to /home/username, can view each other's
> directories, CAN ppp/chat, run most software. I plan on kde for their
> desktop. This is my spouse and teens who need to surf, play games, do
> homework et al. Access blocked from certain directories/devices.
Normal users on the host.
> 3) poweruser: basically me. Access to all directories/devices,
> including those blocked to everyone else. Essentially "root" in safe
> mode. All window managers available.
> 4) root: "god mode". Totally unsafe, dangerous. Can do anything to any
> user, any file, device, directory. Total access capability.
It's not clear to me how to make a poweruser that's different from root
without a fair amount of work.
Jeff
More information about the Techtalk
mailing list