Without viruses and other malware, Linux is typically much harder for the average user to mess up. But if you are setting up a GNOME desktop for someone who seems to do things like delete the window list, or for public use, then you should lock down the desktop.
Pessulus is a graphical lockdown editor for GNOME. Instead of finding and changing individual GNOME gconf settings, you can use Pessulus to easily access the most important settings for locking down GNOME.
Install Pessulus from the package pessulus (click the link to install), or by running the command below in your terminal:
sudo apt-get install pessulus
The simplest lock down setup to create is a web kiosk where the user can’t exit the browser. The only web browser that Pessulus supports is Epiphany, the official GNOME web browser.
Install Epiphany from the package epiphany-browser (click the link to install), or by running the command below in your terminal:
sudo apt-get install epiphany-browser
You should set up a second user account to lock down if you haven’t already. The
second account will be restricted from using sudo by default, which will hide a
lot of administrative utilities from the GNOME menu. Create a second account
System->Administration->Users and Groups. Click
Unlock, and then
User. Look under the
User Privileges tab to restrict the new user as
After you’ve created the new user, log into the new account.
Launch Pessulus from
System->Administration->Lockdown Editor. Select
Web Browser from the list of categories. Here you will find options such as
disable quit, restricting browsing to chosen domains, and disabling editing the
interface. I went ahead and enabled all the restrictions, which seemed to do an
excellent job locking down Epiphany.
By the way, if you want to escape from Epiphany yourself, try pressing Alt-F2 to
Run Application dialog. Run
xkill and click on Epiphany to exit it.
You can close this loophole in Pessulus with
General->Disable command line.
If you want more than a web kiosk, you’ll need to make it so the locked-down user can’t just change the settings back in Pessulus. Instead of just hiding Pessulus from the menu, it’s better to make restrictions mandatory so they can only be changed by the root user. Run Pessulus as root:
You will notice that now there are wooden shield icons next to all the options. Click a shield to toggle wooden (optional) and silver (mandatory). Mandatory restrictions cannot be changed by regular users. If you make all the restrictions mandatory then no regular users will be able to use Pessulus.
If you’re setting up a full desktop, I’d recommend at least disabling the command line, locking the panels, and then removing the GNOME menu and adding launchers for applications you specifically want to allow to run.
Read the Pessulus documentation for details on all of the available options.