Hello all good folks out there...
I wonder if its hard to make a 100% sure that if you let your little brother or sister borrow you laptop, or even your child, that you can be sure they can not see, reach or touch your harddrive/system. Assuming its a separate Puppy they use in order to play, learn or whatever ever, and this system must be bullet proof not to be able to do damage to sda.
What would it take to do that and are there other precautions that should be considered?
Lets assume they do not get internet. Just to keep this a little less complicated with parental control etc. The major issue is that they can not under any circumstances destroy or look at your sda.
Any brilliant thoughts on such solutions?
How to make Puppy prevent access to HDD?
In my opinion the only sure way to protect your information is not to leave it in the computer when you loan the computer out.
I'd keep my personal stuff on an external hard disk and boot Puppy from either a multisession DVD or a flash drive with the Save file on the flash drive. But only put Puppy-related stuff in the Save file: settings, installed programs, etc.. Put your personal stuff on the external hard disk, and put that hard disk away in a safe place when you loan out the computer.
I'd keep my personal stuff on an external hard disk and boot Puppy from either a multisession DVD or a flash drive with the Save file on the flash drive. But only put Puppy-related stuff in the Save file: settings, installed programs, etc.. Put your personal stuff on the external hard disk, and put that hard disk away in a safe place when you loan out the computer.
@p310don
its not for someone specific. Just a general question as it will make it easier for someone to let other use their capacity(PC)
I am aware you can remove the icons and probably do even more, but that can also be reversed i guess...
It could be that a few lines of code removed would make it total immune towards any kind of mistake concerning SDA. Lots of kids needs to learn programming, but they might not have the tool for it and it could be more easy to lend away your hardware for this is you know for sure the Puppy they use can not mess with SDA.
its not for someone specific. Just a general question as it will make it easier for someone to let other use their capacity(PC)
I am aware you can remove the icons and probably do even more, but that can also be reversed i guess...
It could be that a few lines of code removed would make it total immune towards any kind of mistake concerning SDA. Lots of kids needs to learn programming, but they might not have the tool for it and it could be more easy to lend away your hardware for this is you know for sure the Puppy they use can not mess with SDA.
-
LazY Puppy
- Posts: 1934
- Joined: Fri 21 Nov 2014, 18:14
- Location: Germany
Re: How to make Puppy prevent access to HDD?
This sound like something that I had created for my lucid based LazY Puppy.Atle wrote:Hello all good folks out there...
I wonder if its hard to make a 100% sure that if you let your little brother or sister borrow you laptop, or even your child, that you can be sure they can not see, reach or touch your harddrive/system. Assuming its a separate Puppy they use in order to play, learn or whatever ever, and this system must be bullet proof not to be able to do damage to sda.
What would it take to do that and are there other precautions that should be considered?
Lets assume they do not get internet. Just to keep this a little less complicated with parental control etc. The major issue is that they can not under any circumstances destroy or look at your sda.
Any brilliant thoughts on such solutions?
This one has so-called user modes, as there are: advanced, intermediary, beginner and kids. Each one of the user modes can have its own collection of menu entries, desktop setups and some more. For this I had included a password for e.g. to change the current user mode. This password has been setup also for the pmount to use.
So, no icons on desktop and no password for pmount - no chance to mount a drive and to get access to its content (at least for the un-experienced user).
I remember Volhout making a suggestion about to include some of the LazY Puppy structure into Puppy Linux.
Unfortunately nothing has happened on this until today.Voulhout wrote:Dear 01micko,
...
Maybe it is sufficient to embrace R-S-H's lazypup architecture to keep a small basic puppy, and have a set of SFS's dynamically loadable under desktop buttons (click first time takes a little longer since the sfs loads on the fly, but successive times are blazing fast). Maybe it is sufficient to restructure the menu so it has 2 modes. Expert mode shows as is. User mode shows only entries that are interesting for end users. There are so many idea's.
...
Edit:
I'm sure, this could be setup in a similar way also (without to use the user modes) using my new version 1.0.1 of T.O.P.L.E.S.S. easily by its configuration files. I will upload this in the late evening of today.
RSH
"you only wanted to work your Puppies in German", "you are a separatist in that you want Germany to secede from Europe" (musher0) :lol:
No, but I gave my old drum kit away for free to a music store collecting instruments for refugees! :wink:
"you only wanted to work your Puppies in German", "you are a separatist in that you want Germany to secede from Europe" (musher0) :lol:
No, but I gave my old drum kit away for free to a music store collecting instruments for refugees! :wink:
Re: How to make Puppy prevent access to HDD?
1.
i.e. No partitions/drives are displayed on the desktop, and more than that...
In order to mount a partition, it is necessary to click on the console icon [at bottom left] and issue a pmounter command to run the "Pmount" window.
The command has deliberately been changed from "pmount" to "pmounter" so that only someone in the know would be able to mount any partition.
Also:
b. See this post about the "impersonator" icon/function.
This feature makes it possible to make ALL the personalizations normally available to all Puppies, and then...
By clicking the "impersonator" icon on the desktop, a new ISO is made that includes ALL the personalizations, and then burn the ISO image [as an image] to a BLANK CD-R or CD-RW, or DVD-R or DVD-RW.
It's working well for me; I normally use it for online banking, which was the primary purpose for which it was made.
c. Nothing of a session is ever SAVED, unless you make a new ISO and burn it to an optical disk.
It has quick shutdown icons on the desktop. [NICE!]
a. Banksy3 is specifically built to be that way.Atle wrote:I wonder if its hard to make a 100% sure that if you let your little brother or sister borrow you laptop, or even your child, that you can be sure they can not see, reach or touch your harddrive/system.
i.e. No partitions/drives are displayed on the desktop, and more than that...
In order to mount a partition, it is necessary to click on the console icon [at bottom left] and issue a pmounter command to run the "Pmount" window.
The command has deliberately been changed from "pmount" to "pmounter" so that only someone in the know would be able to mount any partition.
Also:
b. See this post about the "impersonator" icon/function.
This feature makes it possible to make ALL the personalizations normally available to all Puppies, and then...
By clicking the "impersonator" icon on the desktop, a new ISO is made that includes ALL the personalizations, and then burn the ISO image [as an image] to a BLANK CD-R or CD-RW, or DVD-R or DVD-RW.
It's working well for me; I normally use it for online banking, which was the primary purpose for which it was made.
c. Nothing of a session is ever SAVED, unless you make a new ISO and burn it to an optical disk.
It has quick shutdown icons on the desktop. [NICE!]
-
gcmartin
@Sylvander shares 2 very good solutions for this thread's author.
I will extend a little on the very good work of @GreenGeek.
Using that ISO creation facility described, @Atle could make a CD for each of the people who would be using your laptop guiding them to ONLY user their individual DVD/CD to boot the PC. This way, too, they could use their personalized Live systems on other PCs when necessary.
On another note, MOST kids do not have the understanding or ability to modify Linux based systems ... unless of course someone is guiding them. They will ONLY navigate the internet and use PCs for gaming. I would not worry too much that they will investigate the system to learn how to manipulate the desktop or Menu manager for accessing things they dont see. IMHO based upon several generations of kids and old people.
Hope this helps.
I will extend a little on the very good work of @GreenGeek.
Using that ISO creation facility described, @Atle could make a CD for each of the people who would be using your laptop guiding them to ONLY user their individual DVD/CD to boot the PC. This way, too, they could use their personalized Live systems on other PCs when necessary.
On another note, MOST kids do not have the understanding or ability to modify Linux based systems ... unless of course someone is guiding them. They will ONLY navigate the internet and use PCs for gaming. I would not worry too much that they will investigate the system to learn how to manipulate the desktop or Menu manager for accessing things they dont see. IMHO based upon several generations of kids and old people.
Hope this helps.
Re: How to make Puppy prevent access to HDD?
Thank you Sylvander and GC for your kind words regarding my banksy pup. I have tried to configure banksy in such a way as to protect against the chance that a newbie could/would damage your main drive - including adding rcrsn51's suggestion of locking out the NTFS write functionality.
However - I also agree with Flash that the only real way to prevent Linux accessing your HDD is to remove it from the machine entirely.
- I have toyed with commands that spin down the hard drives but it seems they spin up again as soon as any read command is sent to them.
- Pmount is only a GUI for the kernel commands for mounting. If you want to lock out the drive you would have to remove the intrinsic kernel commands that permit mounting.
- Gparted (and other partitioning tools) can easily be invoked to trash an entire drive very quickly
- "dd" commands can similarly trash a partition very quickly.
- the old Linux joke of running the command "rm -rf/" will trash your data
see this website for other similar Linux weaknesses:
http://www.howtogeek.com/125157/8-deadl ... -on-linux/
I seem to recall that forum member shadowersc has done a lot of work in creating a "kiosk" pup - which has a lot of lockdowns that prevent a user doing dumb or dangerous things.
My opinion is that Linux is too powerful to allow your children anywhere near your precious data. It is quite simple to create a Puppy that your kids cannot trash (banksy 3 does this) - but extremely hard to switch off the power of Linux sufficiently to protect your valuable data.
Protecting the integrity of system files is easy using the sfs format - however your critical personal data that gets updated day to day is much harder to protect.
The easiest way to protect it is to have it on a usb stick attached to your car keys so that when you walk away from your laptop and leave it with your kids there is nothing left on the laptop except the Puppy operating system itself.
However - I also agree with Flash that the only real way to prevent Linux accessing your HDD is to remove it from the machine entirely.
Yes, it is very difficult:Atle wrote:I wonder if its hard to make a 100% sure that if you let your little brother or sister borrow you laptop, or even your child, that you can be sure they can not see, reach or touch your harddrive/system.
- I have toyed with commands that spin down the hard drives but it seems they spin up again as soon as any read command is sent to them.
- Pmount is only a GUI for the kernel commands for mounting. If you want to lock out the drive you would have to remove the intrinsic kernel commands that permit mounting.
- Gparted (and other partitioning tools) can easily be invoked to trash an entire drive very quickly
- "dd" commands can similarly trash a partition very quickly.
- the old Linux joke of running the command "rm -rf/" will trash your data
see this website for other similar Linux weaknesses:
http://www.howtogeek.com/125157/8-deadl ... -on-linux/
I seem to recall that forum member shadowersc has done a lot of work in creating a "kiosk" pup - which has a lot of lockdowns that prevent a user doing dumb or dangerous things.
My opinion is that Linux is too powerful to allow your children anywhere near your precious data. It is quite simple to create a Puppy that your kids cannot trash (banksy 3 does this) - but extremely hard to switch off the power of Linux sufficiently to protect your valuable data.
Protecting the integrity of system files is easy using the sfs format - however your critical personal data that gets updated day to day is much harder to protect.
The easiest way to protect it is to have it on a usb stick attached to your car keys so that when you walk away from your laptop and leave it with your kids there is nothing left on the laptop except the Puppy operating system itself.
Thanks for all the answers and suggestions...
I need to look into some of the solutions brought to the table.
I guess were sort of looking at total newbee users here and its seems impossible to stop the "Force" within Linux and especially Puppy.
Might look at a compromise. Backup and remove your most personal files and then use the better solution and simply pray.
So i guess one is looking at some compromise.
I need to look into some of the solutions brought to the table.
I guess were sort of looking at total newbee users here and its seems impossible to stop the "Force" within Linux and especially Puppy.
Might look at a compromise. Backup and remove your most personal files and then use the better solution and simply pray.
So i guess one is looking at some compromise.