| Line 7: | Line 7: | ||
<!-- The name of this Spin. For example: ''Fedora Education Math'', ''Fedora Developer'', ''Fedora KDE''--> | <!-- The name of this Spin. For example: ''Fedora Education Math'', ''Fedora Developer'', ''Fedora KDE''--> | ||
Fedora Kiosk | |||
| Line 13: | Line 15: | ||
<!-- A sentence or two summarizing what this spin is and what it will do. This information is used for the overall spins summary page for each release. --> | <!-- A sentence or two summarizing what this spin is and what it will do. This information is used for the overall spins summary page for each release. --> | ||
The Fedora Kiosk spin, is a secure kiosk live operating system, that will allow users to login to a system and access the internet in a secure manner. | |||
== Owner(s) == | == Owner(s) == | ||
<!--Enter the names of the contributors or the link to the Special Interest Group page.--> | <!--Enter the names of the contributors or the link to the Special Interest Group page.--> | ||
<!-- Include your email address so that people can reach you --> | <!-- Include your email address so that people can reach you --> | ||
* Name: | * Name: Daniel Walsh <dwalsh> | ||
* email: | * email: dwalsh@redhat.com | ||
== Detailed Description == | == Detailed Description == | ||
<!-- Please give a more extensive description of the Spin. This could be a few paragraphs, highlighting specific features of the Spin, marketing your product to the end user. This ends up on the details page on spins.fedoraproject.org, and may be used in the release notes. --> | <!-- Please give a more extensive description of the Spin. This could be a few paragraphs, highlighting specific features of the Spin, marketing your product to the end user. This ends up on the details page on spins.fedoraproject.org, and may be used in the release notes. --> | ||
The Fedora Kiosk is a Fedora based live operating system that takes advantage of SELinux and namespacing to setup a secure kiosk environment. | |||
When you use a kiosk system you need to worry about the person that used the kiosk before you and after you. The person who used it before you could have left a process running on the system that can watch your keystrokes. The person who uses the kiosk after you can search through your home directory for data stored by firefox, including history, potentially credit card data, vpn access codes, etc. | |||
The Fedora kiosk uses the xguest package which sets up a limited priviledged SELinux xguest user. This user is allowed to login to the box without a password iff SELinux is enabeled and enforcing, and there are no processes running with the same UID. The user account is locked down so it can not execute any setuid/setgid applications. The only network ports it can connect to are web ports. It can not execute any content in its home directory. The home directory/tmp directory is created when the user logs in and destroyed when the user logs out. If the account attempts to leave a process around after logout the system will attempt to kill the process and no other kiosk users will be allowed to login until the processes with this uid, are killed. | |||
Root account is disabled. | |||
It is also a live operating system so, rebooting the kiosk, will reset it to a known good state. | |||
== Benefit to Fedora == | == Benefit to Fedora == | ||
| Line 29: | Line 40: | ||
<!-- Describe why this Spin is beneficial to Fedora. This section should very accurately describe why this Spin is useful, in order to justify the use of time, disk space and bandwidth of which the Fedora Project has limited amounts (especially as far as the time is concerned, composing XX spins because the kernel changes right before GA, having them pass QA, onto the torrent boxes). --> | <!-- Describe why this Spin is beneficial to Fedora. This section should very accurately describe why this Spin is useful, in order to justify the use of time, disk space and bandwidth of which the Fedora Project has limited amounts (especially as far as the time is concerned, composing XX spins because the kernel changes right before GA, having them pass QA, onto the torrent boxes). --> | ||
Fedora and its adoption of SELinux makes it an ideal platform for building a kiosk. Since Fedora support for pam_namespace, SELinux and xguest make it ideally suited for this type of envionment. | |||
== Kickstart File == | == Kickstart File == | ||
| Line 35: | Line 46: | ||
<!-- URL to the most recent version of the kickstart file used to compose this Spin with --> | <!-- URL to the most recent version of the kickstart file used to compose this Spin with --> | ||
http://people.fedoraproject.org/~dwalsh/SELinux/kiosk/kiosk.ks | |||
== ISO Name / FS Label == | == ISO Name / FS Label == | ||
<!-- While the name of the .iso file is not, the filesystem label is limited to 32 characters. Choose a name for the .iso, and a name for the fs-label. Mandatory is "Fedora", the release number, and the architecture. Example: ISO name: Fedora-11-x86_64-Education-Math FS-Label: ''Fedora-11-x86_64-Edu-Math''. --> | <!-- While the name of the .iso file is not, the filesystem label is limited to 32 characters. Choose a name for the .iso, and a name for the fs-label. Mandatory is "Fedora", the release number, and the architecture. Example: ISO name: Fedora-11-x86_64-Education-Math FS-Label: ''Fedora-11-x86_64-Edu-Math''. --> | ||
Fedora-13-x86_64-kiosk | |||
http://people.fedoraproject.org/~dwalsh/SELinux/kiosk/kiosk.iso | |||
== Dependencies == | == Dependencies == | ||
| Line 57: | Line 72: | ||
--> | --> | ||
Additional security checks and usability testing needs to be done. As people come up with ideas of how they can break the security model of the kiosk, we need to react. | |||
Also need to make sure there is enough functionality to use the kiosk in say a library setting. Closed source applications might be needed like flashplugin. | |||
== Spins Page == | == Spins Page == | ||
<!-- This information will be used on the spins.fedoraproject.org website. See https://fedoraproject.org/wiki/Website_redesign_2009/Mockups/Spins.fpo for more info. --> | <!-- This information will be used on the spins.fedoraproject.org website. See https://fedoraproject.org/wiki/Website_redesign_2009/Mockups/Spins.fpo for more info. --> | ||
| Line 65: | Line 82: | ||
<!-- A slogan for the spin to serve as the heading for the home page. --> | <!-- A slogan for the spin to serve as the heading for the home page. --> | ||
Fedora Kiosk - A Secure Kiosk/No longer an OxyMoron | |||
=== Spin description === | === Spin description === | ||
Revision as of 19:01, 30 April 2010
The page source contains comments providing guidance to fill out each section. They are invisible when viewing this page. To read it, choose the "edit" link.
Copy the source to a new page before making changes! DO NOT EDIT THIS TEMPLATE FOR YOUR SPIN.
Spin Name
Fedora Kiosk
Summary
The Fedora Kiosk spin, is a secure kiosk live operating system, that will allow users to login to a system and access the internet in a secure manner.
Owner(s)
- Name: Daniel Walsh <dwalsh>
- email: dwalsh@redhat.com
Detailed Description
The Fedora Kiosk is a Fedora based live operating system that takes advantage of SELinux and namespacing to setup a secure kiosk environment.
When you use a kiosk system you need to worry about the person that used the kiosk before you and after you. The person who used it before you could have left a process running on the system that can watch your keystrokes. The person who uses the kiosk after you can search through your home directory for data stored by firefox, including history, potentially credit card data, vpn access codes, etc.
The Fedora kiosk uses the xguest package which sets up a limited priviledged SELinux xguest user. This user is allowed to login to the box without a password iff SELinux is enabeled and enforcing, and there are no processes running with the same UID. The user account is locked down so it can not execute any setuid/setgid applications. The only network ports it can connect to are web ports. It can not execute any content in its home directory. The home directory/tmp directory is created when the user logs in and destroyed when the user logs out. If the account attempts to leave a process around after logout the system will attempt to kill the process and no other kiosk users will be allowed to login until the processes with this uid, are killed.
Root account is disabled.
It is also a live operating system so, rebooting the kiosk, will reset it to a known good state.
Benefit to Fedora
Fedora and its adoption of SELinux makes it an ideal platform for building a kiosk. Since Fedora support for pam_namespace, SELinux and xguest make it ideally suited for this type of envionment.
Kickstart File
http://people.fedoraproject.org/~dwalsh/SELinux/kiosk/kiosk.ks
ISO Name / FS Label
Fedora-13-x86_64-kiosk
http://people.fedoraproject.org/~dwalsh/SELinux/kiosk/kiosk.iso
Dependencies
Scope / Testing
Additional security checks and usability testing needs to be done. As people come up with ideas of how they can break the security model of the kiosk, we need to react.
Also need to make sure there is enough functionality to use the kiosk in say a library setting. Closed source applications might be needed like flashplugin.
Spins Page
Slogan
Fedora Kiosk - A Secure Kiosk/No longer an OxyMoron
Spin description
Screenshot
Download tab
Support tab
Custom branding
Comments and Discussion