looks like we're narrowing down the culprits, cool
One thing though, I had to pass on that great macpuppy, was just to heavy for this project. My latest issues with the i attribute have been with mijnpup, much lighter without enlightenment.
How to Build a Locked-Down Installation of Puppy
Hello All,
I am wondering if there was any progress made in regards to this topic.
I too am looking for a read-only system based on Puppy (I have Wary 5.1.1 as of now).
In my case what I would like to do is set up game room systems that would run a program called MAME (SDLMAME in Linux) and DWJukebox. (I do have other applications as well, but these two programs would be what I would mainly be using).
As far as I know, both programs run off of 'rom' information and thus are "read only".
Now the reason why I am interested in a 'read only' lock down once everything is set up is because I would like to put everything on a Compact Flash card instead of a hard drive. As most of you may already know, being flash memory, a CF card is sensitive to being written to many times. Thus I am very interested in something that would allowed to be run in ram, but then any saved settings would be discarded upon shut down instead of saved to the CF.
So even though my reason is different from the OP, the desired end result is the same.
Thank You,
Geo
I am wondering if there was any progress made in regards to this topic.
I too am looking for a read-only system based on Puppy (I have Wary 5.1.1 as of now).
In my case what I would like to do is set up game room systems that would run a program called MAME (SDLMAME in Linux) and DWJukebox. (I do have other applications as well, but these two programs would be what I would mainly be using).
As far as I know, both programs run off of 'rom' information and thus are "read only".
Now the reason why I am interested in a 'read only' lock down once everything is set up is because I would like to put everything on a Compact Flash card instead of a hard drive. As most of you may already know, being flash memory, a CF card is sensitive to being written to many times. Thus I am very interested in something that would allowed to be run in ram, but then any saved settings would be discarded upon shut down instead of saved to the CF.
So even though my reason is different from the OP, the desired end result is the same.
Thank You,
Geo
- Mechanic_Kharkov
- Posts: 9
- Joined: Sun 24 Jul 2011, 08:08
- Location: Kharkov, Ukraine
The same issue troubles me day by day..
Hi, All. I currently have a system without HDD, that boots from CD, then reads pupsave.2fs and pup-431.sfs files from sda1 (flash stick). Now I'm looking a way to tel the system to do not save pupsave file neither on shutdown nor periodically by a timer.
Sometimes the decision to discard current session comes during the session itself but not at boot time. And if I know that no important changes are made to system then there is no need to wait while system saves file (on my system it can take very long time when not under X). And it slightly differs from "Locked-down" installation" to "Sometimes locked-down" one, in other words "with user controlled session saving".
So, the questions are:
I also found this post (about 'pfix=kiosk'). This sounds exactly what I need to implement in my own setup. But there is an idea only in the post, no implementation.
Hope for Your help.
Sometimes the decision to discard current session comes during the session itself but not at boot time. And if I know that no important changes are made to system then there is no need to wait while system saves file (on my system it can take very long time when not under X). And it slightly differs from "Locked-down" installation" to "Sometimes locked-down" one, in other words "with user controlled session saving".
So, the questions are:
- Is there any ability to intercept anywhere in system (configs, scripts, even kernel code) the entry point where actual session file save is initiated?
- If it is possible, then where to dig (for newbie, pls)?
I also found this post (about 'pfix=kiosk'). This sounds exactly what I need to implement in my own setup. But there is an idea only in the post, no implementation.
Hope for Your help.
- Mechanic_Kharkov
- Posts: 9
- Joined: Sun 24 Jul 2011, 08:08
- Location: Kharkov, Ukraine
Install it on SD
I know this thread is old, but security is an everyday issue.
There is a more simple way and it works fine and it is reversible:
INSTALL IT ON SD that has the lock button option.
I have tried everything on precise puppy retro 5.7.1 but I think the same applies to lucid puppy.
The SD cards are great because they are the only ones that have the "hardware" lock button option, so that they can be made read only. Whereas this is not a true hardware solution (your reader must support that, but see this for a really working way http://www.seanet.com/~karllunt/sdlocker.html) it offers a very good option:
You can lock and unlock your card any time you want, so that you can make your disk "hardware" read-only or RW.
I have tested it and it works fine! In the read-only mode, you can do anything you like, save files, install programs etc, because the OS is loaded into RAM (another great feature of puppies). But when you reboot your PC everything is lost.
Note that general security does not only relate to the write in your disk, you just prevent unauthorized writing that way, which (combined with a lightweight OS) is a very nice step indeed.
While you browsing the web, your traffic could be monitored, but you cannot do anything about it apart from using proxies tors etc, a very long story...
There is a more simple way and it works fine and it is reversible:
INSTALL IT ON SD that has the lock button option.
I have tried everything on precise puppy retro 5.7.1 but I think the same applies to lucid puppy.
The SD cards are great because they are the only ones that have the "hardware" lock button option, so that they can be made read only. Whereas this is not a true hardware solution (your reader must support that, but see this for a really working way http://www.seanet.com/~karllunt/sdlocker.html) it offers a very good option:
You can lock and unlock your card any time you want, so that you can make your disk "hardware" read-only or RW.
I have tested it and it works fine! In the read-only mode, you can do anything you like, save files, install programs etc, because the OS is loaded into RAM (another great feature of puppies). But when you reboot your PC everything is lost.
Note that general security does not only relate to the write in your disk, you just prevent unauthorized writing that way, which (combined with a lightweight OS) is a very nice step indeed.
While you browsing the web, your traffic could be monitored, but you cannot do anything about it apart from using proxies tors etc, a very long story...