Short bio: Computer Scientist, FOSS supporter (read more)
Tux Machines (TM)-specific
Looking for a way to limit users' functionality on a publicly available machine, such as a kiosk machine for conference attendees? No one wants people trying to alter their systems for fun or malice. If you're running the GNOME environment, you can turn to a tool called Pessulus -- a lockdown manager for the GNOME desktop.
Pessulus is a Python front end for configuring the Gconf XML configuration files.
The software lets you create a profile that limits a user to a set of application that a system administrator allows. It has a nice, logically structured GUI that allows administrators to choose and click checkboxes on the options that you want to deny for user access. By default all the lockdown functions are unchecked, meaning the system remains configured as is. Also, there is no button to check all the checkboxes at once; you have to choose each one by one. Moving the mouse button over a specific lockdown option gives administrators a description of that function in a popup box.
Pessulus provides four main groups for locking specific sets of applications.