Novell Documentation: Novell Linux Desktop - Using the KDE Lockdown Mechanism (Kiosk)

F.8 Using the KDE Lockdown Mechanism (Kiosk)

The KDE lockdown mechanism (also known as Kiosk) provides an easy way to disable certain features within KDE so you can create a more controlled environment (for example, if the system is used for one or more specific dedicated tasks only). It builds on KDE’s configuration framework and adds a simple application API that applications can query to get authorization for certain operations. The KDE Kiosk framework should be used in addition to the standard Linux security measures.

Default values are no longer written. When a configuration file in a location other than $KDEHOME defines a value for a key and the application subsequently writes a new configuration file to $KDEHOME, that configuration file contains an entry for the key only if its value differs from the value read from the other file.

This eliminates the problem of changes to default configuration files under $KDEDIR not taking effect for users, because these users have their own copy of these settings under $KDEHOME. KDE makes sure not to copy these settings so changes made under $KDEDIR affect all users that have not explicitly changed the affected settings to something else.

Starting with KDE3, configuration entries can be marked immutable. When a configuration entry is immutable, entries under $KDEHOME for that value are ignored. Configuration files read after the file in which it is marked immutable cannot override its value. Immutable entries cannot be changed via KConfig.

Entries can be marked immutable on four different levels:

On an entry-by-entry basis by appending [$i] after the key.
For example:
```
[MyGroup]
someKey[$i]=42
```
On a group-by-group basis by appending [$i] after the group. All entries specified in the group are marked immutable and no new entries can be added to the group.
For example:
```
[MyGroup][$i]
someKey=42
```
On a file-by-file basis by starting the file with [$i].
For example:
```
[$i]
[MyGroup]
someKey=42
[MyOtherGroup]
someOtherKey=11
```
The file system can also be used to mark files immutable. If KDE does not have write access to the user’s version of a configuration file, the file is automatically considered immutable.
To make the configuration file of kicker (the panel) immutable, for example, use the following commands:
```
chown root.root /home/user/.kde/share/config/kickerrc
chmod 644 /home/user/.kde/share/config/kickerrc
```
If you do this, the user is warned that the configuration file is not writable. If you do not want the warning, add the following two lines to the application’s configuration file (or to kdeglobals, to disable the warning for all applications):
```
[KDE Action Restrictions]
warn_unwritable_config=false
```

When configuration files are marked immutable in whole or in part, the user can no longer make permanent changes to the settings that have been marked immutable. Ideally, the application recognizes this and no longer offers the user the possibility to change these settings. Unfortunately, not all applications support this at the moment. It is therefore possible that the user is still presented with an option in the user interface to change a setting that is immutable. However, changes made are not saved. In some cases, the user might be able to use the changed setting until the application terminates. In other cases, the changed setting is simply ignored and the application continues to work with the immutable setting.

The following applications currently do detect when their configuration files have been marked immutable and adjust their user interface accordingly:

kicker: By marking the kickerrc configuration file as immutable, the panel is locked down so it is not possible to make any changes to it.
kdesktop: By marking the kdesktoprc configuration file as immutable, the desktop is locked down so it is no longer possible to select Configure Desktop from its menus.
kcalc: By marking the kcalcrc configuration file as immutable, the Configure button is not displayed.