How to restrict access to firefox in Ubuntu 10.[04|10]

Question

I have an Ubuntu desktop set up in a retail environment. I would like to restrict access to firefox. So that users must type in a password to run it. I tried changing permissions on the binary so that it did not have world access, but each time the update runs, those permissions get reset to world access.

Its convenient to have it available but its not strictly necessary for the software that the machine must run. so if it isn't possible to restrict it, then I can uninstall it if it won't impact functioning of the system. Would it impact the system to uninstall it?

score 1 · Accepted Answer · answered May 03 '12 at 02:36

1

I don't think any other package would depend on it; when you do an apt-get remove it will tell you if it would remove anything else.

In order to preserve permissions across updates, you need to use the dpkg-statoverride command.

e.g.

dpkg-statoverride --add owner:group 750 firefox

answered May 03 '12 at 02:36

Jeremy

338
2
12

Does dpkg-statoverride need to be run just once? – BillRobertson42 May 03 '12 at 03:00
One thing people could do is download and run a binary for firefox without installing it. Restricting this would be very intrusive. – Falcon Momot May 03 '12 at 04:21
@Bill yes just one time per folder/file and it will be remembered forever for that package. – Jeremy May 03 '12 at 11:46

How to restrict access to firefox in Ubuntu 10.[04|10]

1 Answers1