23
Lock down Linux for the workplace
(kbin.social)
From Wikipedia, the free encyclopedia
Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).
Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.
Community icon by Alpár-Etele Méder, licensed under CC BY 3.0
As long as you don't give the users sudo powers there is little they can do to screw up the system.
But that would only make sense if you want them to have their own users. If it's just a public computer, you probably want the kiosk thin mentioned before.
There's also the risk of users saving and distributing confidential data. You don't need admin rights for that! I'm not actually sure this applies to OP, but if he's giving everyone a web browser, it certainly seems like a risk.
A cell phone can save and distribute data.
He didn't say it was crazy confidential. I got the feeling it was more about keeping them from fucking around and breaking it.
Correct
If Snowden can exfiltrate data from the NSA, there is simply no way for your average employer to prevent this through computer restrictions. Effort in that direction is a total waste of money.
This is a company policy issue, enforced through non-disclosure agreements and, ultimately, the legal system.