Things you need to know about your childproof PC
Keep this information in a safe place away from the children!
This information is sensitive and should be locked away. Anyone getting hold of this will be able to bypass all security and parental control.
BIOS password: ___________________
root password: ___________________
user me password: ___________________
user wee password: ___________________
______________________________________
______________________________________
______________________________________
The BIOS password is needed when configuring the BIOS (press Del key at bootup for most systems). You will need this to e.g. change the boot sequence so the system will boot off a CD. Never leave it with that setting. Anyone who can boot off a CD can gain full access to the computer and its files and can use the Internet freely, without you ever finding out. It's child's play to do. Ideally you will put a pad lock on the case so that the computer cannot be physically opened, because there is a tiny switch on the motherboard to reset the BIOS password.
The root password is used for a special user called 'root' in Linux. You cannot log into the graphical login screen using the root user (it is set up that way), but you can log in as him in text mode, or remotely using ssh. Root can do anything. Root is considered to be the system. User me belongs to the group root, so can do the same as root by prefixing any command in the terminal with 'sudo'. If you create a new user make sure it is not part of the root group, otherwise they will have root privilages.
User wee was set up as an example child account. If unsure compare the setup of this user to any new users you create for your children.
Important: When creating new users the default setting seems to be that anyone can see their files. To hide those files, the user can go to /home rightclick their directory and select that other users can't read their files. User me will always be able to look at them by running Thunar in root mode by typing sudo thunar into a terminal window.
Parental control
Parental control works by not letting programs on your computer connect to the Internet directly. I've installed a firewall called Firehol that blocks all outgoing Internet traffic. Instead, all traffic to the Internet is directed to a proxy server running on your machine. I've used a program called Tinyproxy for this. This is configured to use DansGuardian to filter content. DansGuadrian uses filter rules.
These programs were installed and configured by a script written by the person behind 'Ubuntu CE' (Christian Edition). You can find out more by googling 'ubuntu dansguardian'.
Note: The firewall seems to be blocking the browsing of Windows networks (File Sharing). I've not managed to solve that and it might be a bug in the current version. You can transfer files onto the computer from a Windows machine by using the tools provided by putty. (google 'putty')
Keeping an eye on children
If you would like to keep an eye on what your children are doing from your other computer please look into TightVNC. TightVNC lets you log into their computer from yours while they are still using it and see their screen and even control their mouse and keyboard. (good for turning down volume)
