I'm working on Linux Surfer - Code Name: Annabelle Lee, A live distro made for secure web surfing. One of the solutions a user has at their immediate arsenal with Linux Surfer is a virtual machine with one click that popus up SliTaz. They can then surf the web without sniffing attack from the Linux X server. But, like every Live Linux distro I know, the user is root or has root access.
Does anyone know of a relatively easy distro to remaster where that distro is also lightweight? I need to remaster it so the user signed in does not have root priveldges in order to protect the user in Linux Surfer.
If you are curious about what I've done so far,here is a torrent and description of my iso to date:
Ok, I dont have five posts, so you can find it with Google with these terms:
Hi there!! Interesting work!!
A simple thing would be to lock the root account by deleting the password entry in /etc/shadow and not allowing the user to use sudo. May be you can work on SELinux to implement something like RBAC which is more secure. Also, you gotta change the run levels so that the user cannot get into single user mode from GRUB menu.
But have you given a thought about these?
-
Will a user be intended to reboot the system to boot into the Live media, just for browsing on the Internet securely?
-
The description on the site says the distro is secure because it's based on Read-only DVD. But this is not the fact. During the boot, the initramfs is loaded into the RAM and it acts like as if it's booted off a hard disk. You can still read/write once you boot into the OS (otherwise it would never work).
Anyways, it's a good effort in a direction people might not have thought of yet. So best of luck!