Jailing user to GUI program in linux

Question

I have a project to create a program, which prevents the user from escaping a GUI program. The program is designed for students to take exams in. The program contains a web browser page.

I have looked around and asked in different places how I should do this, and I have been recommended Qt. I am now having second thoughts about it...

I am using ubuntu 9.04 64 bits.

What do you think is the best solution for jailing users in GUI programs?

Answer 1

First of all, see this answer.

The best way to prevent users from using anything else is to use full-screen mode and not to start a window manager at all. So just start X and then your app and nothing else.

[EDIT] Some things you must take care of:

• Disable the switching to the text console (usually Ctrl-Alt-F1..F10)
• Killing the X server (Ctrl-Alt-Backspace)
• Magic Keys (Alt-SysRq-...)

As you see, this can become arbitrarily complex. Therefore, I suggest to close some of the holes and let the hackers waste their time on the other ones. If they want to spend their time hacking the computer instead on the test, that's OK.

Answer 2

What are you trying to prevent?

My guess is that the main thing is a restriction to ensure they don't Google the answers.

As a completely different alternative approach: Criple the network stack to the point it can (just about) only reach the required server(s).

This can be done with a few (relatively effective) and simple settings:

• No default gateway, only a gateway for the subnet where the exam server is located.
• No DNS servers at all, only a fixed hosts file ( OR a exam DNS server that only contains the exam servers).

These settings can even be attained by tuning the DHCP server. This makes it easy to 'criple/uncriple' an entire training room with a setting and a reboot of all the systems.

Answer 3

The first thing you'll want to do is disable the Ctrl-Alt-Backspace key combination in order to keep pesky users from shutting off your X server.

When it comes to what to write it in, I think your friends idea of Qt is a good one, you can probably write the whole program in something on the order of 50 lines. If all you care about is "Home", "Back", and "Forward" buttons, you can make a simple toolbar, and use the QWebView widget to do your actual web viewing. This would prevent the user from going anywhere since they wouldn't have an address bar, and they would still be able to take their test.

If you want to use an engine other than WebKit, you will probably end up with a lot more work, and WebKit should work on most websites anyway.