I haven't really used Linux, but I feel it might be useful for a potential project. Is it possible, and how doable is it, to have a password locked admin account and an open user account which is heavily restricted on what they can do? As in, not even browse files. Preferrably only desktop access where they can launch the apps placed there. Which Linux would be the best for this while still being on the easier side to figure out? I do understand tech somewhat well and quite enjoy problem solving, so doesn't need to be ELI5 territory.

  • RegalPotoo@lemmy.world
    link
    fedilink
    English
    arrow-up
    6
    ·
    1 year ago

    Along with the restrictions others have mentioned, you could look at running your system as a "live" install:

    • Actual OS boots directly off media like a USB stick or DVD
    • Operating system is mounted "read only" - even the super admin can't change files in the root partition
    • Even if a clever user finds a way to run programs, their changes don't persist after a reboot
    • If you need some persistence (eg, allowing users to save documents) you could mount a network share as the /home partition, but mount it "noexec" so if users manage to download programs from the internet, they aren't able to run them