1085 lines
33 KiB
Plaintext
1085 lines
33 KiB
Plaintext
|
Linux web browser station (formerly "The Linux Public Web
|
|||
|
Browser mini-HOWTO")
|
|||
|
Anton Chuvakin, anton@chuvakin.org
|
|||
|
v0.0.5 10 October 2000
|
|||
|
|
|||
|
Describes the setup of Internet kiosk-type system based on Linux to be
|
|||
|
deployed to provide public Internet/webmail access.
|
|||
|
______________________________________________________________________
|
|||
|
|
|||
|
Table of Contents
|
|||
|
|
|||
|
|
|||
|
1. Introduction
|
|||
|
|
|||
|
1.1 Disclaimer
|
|||
|
1.2 Credits
|
|||
|
1.3 New versions of this document
|
|||
|
1.4 Changes Fri Sep 22 14:32:32 EDT 2000
|
|||
|
1.5 TODO
|
|||
|
1.6 Feedback
|
|||
|
1.7 Copyright information
|
|||
|
|
|||
|
2. OLD GUIDE: The Linux Public Web Browser mini-HOWTO by Donald B. Marti Jr.,
|
|||
|
|
|||
|
2.1 Copyright and Disclaimer
|
|||
|
2.2 Introduction
|
|||
|
2.3 Before you begin
|
|||
|
2.3.1 You need a graphical browser
|
|||
|
2.3.2 You need to be able to add an account
|
|||
|
2.3.3 You need
|
|||
|
2.4 Add the guest account
|
|||
|
2.5 Create or edit the following files in
|
|||
|
2.5.1 File name:
|
|||
|
2.5.2 File name:
|
|||
|
2.5.3 File name:
|
|||
|
2.5.4 File name:
|
|||
|
2.6 Make a
|
|||
|
2.7 Try it
|
|||
|
2.8 Changing preferences
|
|||
|
|
|||
|
3. NEW GUIDE: Step-by-step guide
|
|||
|
|
|||
|
3.1 Install RH
|
|||
|
3.2 Clean-up packages
|
|||
|
3.3 Install ssh
|
|||
|
3.4 Make a boot floppy
|
|||
|
3.5 Modify configs
|
|||
|
3.6 Create user
|
|||
|
3.7 Change Netscape settings
|
|||
|
3.8 Chown the home directory
|
|||
|
3.9 Config lilo
|
|||
|
3.10 REMOVE binaries
|
|||
|
3.11 Physical security
|
|||
|
3.12 Some final touches
|
|||
|
|
|||
|
4. Conclusion
|
|||
|
|
|||
|
5. References
|
|||
|
|
|||
|
|
|||
|
|
|||
|
______________________________________________________________________
|
|||
|
|
|||
|
|
|||
|
|
|||
|
1. Introduction
|
|||
|
|
|||
|
The directions below will produce the RedHat (currently version 6.2 is
|
|||
|
used, 7.0 is in development) Linux system that boots into the bare
|
|||
|
(=no window manager, like gnome, kde or fvwm2) X server and starts
|
|||
|
Netscape Navigator (not Communicator, which includes Main and News
|
|||
|
clients). Upon exiting the browser the X server is restarted and the
|
|||
|
new Netscape process is launched as needed. The system is intended for
|
|||
|
Internet Kiosks and similar applications. Security is emphasized at
|
|||
|
all the stages of the setup.
|
|||
|
|
|||
|
This HOWTO will be updated (maybe significantly) as long as more
|
|||
|
reports about the deployment of such boxes will arrive.
|
|||
|
|
|||
|
|
|||
|
|
|||
|
1.1. Disclaimer
|
|||
|
|
|||
|
|
|||
|
Use the information in this document at your own risk. I disavow any
|
|||
|
potential liability for the contents of this document. Use of the
|
|||
|
concepts, examples, and/or other content of this document is entirely
|
|||
|
at your own risk.
|
|||
|
|
|||
|
All copyrights are owned by their owners, unless specifically noted
|
|||
|
otherwise. Use of a term in this document should not be regarded as
|
|||
|
affecting the validity of any trademark or service mark.
|
|||
|
|
|||
|
Naming of particular products or brands should not be seen as
|
|||
|
endorsements.
|
|||
|
|
|||
|
You are strongly recommended to take a backup of your system before
|
|||
|
major installation and backups at regular intervals.
|
|||
|
|
|||
|
|
|||
|
1.2. Credits
|
|||
|
|
|||
|
|
|||
|
In this version I have the pleasure of acknowledging the previous
|
|||
|
maintainer of this HOWTO who nicely agreed to transfer it to me
|
|||
|
|
|||
|
|
|||
|
|
|||
|
dmarti@????.com
|
|||
|
|
|||
|
|
|||
|
|
|||
|
1.3. New versions of this document
|
|||
|
|
|||
|
New versions of this document can be found at
|
|||
|
|
|||
|
http://www.chuvakin.org/kiodoc
|
|||
|
|
|||
|
|
|||
|
1.4. Changes Fri Sep 22 14:32:32 EDT 2000
|
|||
|
|
|||
|
from 0.0.4 to 0.0.3
|
|||
|
|
|||
|
<20> Merged with old HOWTO
|
|||
|
|
|||
|
from 0.0.2 to 0.0.3
|
|||
|
|
|||
|
|
|||
|
<20> references added
|
|||
|
|
|||
|
<20> abstract finished
|
|||
|
|
|||
|
|
|||
|
|
|||
|
1.5. TODO
|
|||
|
|
|||
|
|
|||
|
<20> Write abstract
|
|||
|
|
|||
|
<20> Suggested hardware
|
|||
|
|
|||
|
<20> .Xdefaults disable some keys (Alt-Ctrl-F1)
|
|||
|
|
|||
|
<20> X server port 6000 attacks, do something about them
|
|||
|
|
|||
|
<20> X server under root, bad
|
|||
|
|
|||
|
<20> Eliminate more unneeded RPMs
|
|||
|
|
|||
|
<20> Implement /etc/pam.d/limits.conf to prevent netscape bloat and
|
|||
|
system crash (well, by causing it to crash before bloat ;-) ), see
|
|||
|
Security HOWTO
|
|||
|
|
|||
|
<20> Protect some files with chattr is nice
|
|||
|
|
|||
|
<20> Provided CDROM booting considerations
|
|||
|
|
|||
|
<20> Redo everything for RedHat 7.0
|
|||
|
|
|||
|
|
|||
|
|
|||
|
1.6. Feedback
|
|||
|
|
|||
|
All comments, error reports, additional information (very much
|
|||
|
appreciated!!!) and criticism of all sorts should be directed to:
|
|||
|
anton@chuvakin.org
|
|||
|
|
|||
|
http://www.chuvakin.org/
|
|||
|
|
|||
|
My PGP key is located at http://www.chuvakin.org/pgpkey
|
|||
|
|
|||
|
|
|||
|
1.7. Copyright information
|
|||
|
|
|||
|
This document is copyrighted (c) 2000 Anton Chuvakin, and parts of it
|
|||
|
are Copyright 1997 Donald B. Marti Jr. where marked as such
|
|||
|
|
|||
|
|
|||
|
|
|||
|
2. dmarti@best.com OLD GUIDE: The Linux Public Web Browser mini-HOWTO
|
|||
|
by Donald B. Marti Jr.,
|
|||
|
|
|||
|
v0.3, 5 January 1998
|
|||
|
|
|||
|
The basic idea here is to give web access to people who wander by,
|
|||
|
while limiting their ability to mess anything up.
|
|||
|
|
|||
|
|
|||
|
|
|||
|
2.1. Copyright and Disclaimer
|
|||
|
|
|||
|
Copyright 1997 Donald B. Marti Jr. This document may be redistributed
|
|||
|
under the terms of the Linux Documentation Project license.
|
|||
|
|
|||
|
This document currently contains information for Netscape Navigator
|
|||
|
only, but I plan to add notes for other browsers too as I get the
|
|||
|
necessary information. If you try this with a different browser,
|
|||
|
please let me know.
|
|||
|
|
|||
|
2.2. Introduction
|
|||
|
|
|||
|
The basic idea here is to give web access to people who wander by,
|
|||
|
while limiting their ability to mess anything up.
|
|||
|
|
|||
|
This setup was originally intended for trade shows, but it might be
|
|||
|
applicable other places you want to have a web browser going without
|
|||
|
having to babysit a computer.
|
|||
|
|
|||
|
Following these instructions does not make your system bulletproof or
|
|||
|
idiot-proof.
|
|||
|
|
|||
|
2.3. Before you begin
|
|||
|
|
|||
|
2.3.1. You need a graphical browser
|
|||
|
|
|||
|
This document assumes that you already have a running graphical web
|
|||
|
browser, such as Netscape Navigator, on your system. You should have
|
|||
|
permission to use your graphical web browser. If you want to use
|
|||
|
Netscape Navigator in a commercial setting, you can buy a copy with
|
|||
|
appropriate license through Caldera.
|
|||
|
|
|||
|
2.3.2. You need to be able to add an account
|
|||
|
|
|||
|
If you don't have the right to be root, get the system administrator
|
|||
|
to add the ``guest'' account and give you ownership of guest's home
|
|||
|
directory. Skip to the ``Create or edit the following files'' step
|
|||
|
(``Create or edit the following files in /home/guest'') when he or she
|
|||
|
is done.
|
|||
|
|
|||
|
2.3.3. You need httpd for a stand-alone web browsing station
|
|||
|
|
|||
|
If you are setting up a web browsing station to run stand-alone,
|
|||
|
without a network connection, you should have httpd working and the
|
|||
|
web documents installed. To tell if this is the case, enter:
|
|||
|
|
|||
|
|
|||
|
lynx -dump http://localhost/
|
|||
|
|
|||
|
|
|||
|
|
|||
|
You should get the text of the home page on your system.
|
|||
|
|
|||
|
2.4. Add the guest account
|
|||
|
|
|||
|
As root, run adduser to add a user named guest. Then enter
|
|||
|
|
|||
|
|
|||
|
passwd guest
|
|||
|
|
|||
|
|
|||
|
|
|||
|
to set the password for the guest account. This should be something
|
|||
|
easy to remember, like ``guest''. You will be telling people this
|
|||
|
password. Don't make it the same as your own password.
|
|||
|
|
|||
|
Then make guest's home directory owned by you. Enter
|
|||
|
|
|||
|
|
|||
|
chown me.mygroup /home/guest
|
|||
|
|
|||
|
|
|||
|
|
|||
|
Replace ``me'' with your regular username and ``mygroup'' with your
|
|||
|
group name. (On Red Hat Linux, these will be the same, since every
|
|||
|
user has his or her own group.)
|
|||
|
|
|||
|
You should now exit and do the rest of the steps as yourself, not
|
|||
|
root.
|
|||
|
|
|||
|
2.5. Create or edit the following files in /home/guest
|
|||
|
|
|||
|
2.5.1. File name: .bash_login
|
|||
|
|
|||
|
|
|||
|
|
|||
|
______________________________________________________________________
|
|||
|
exec startx
|
|||
|
______________________________________________________________________
|
|||
|
|
|||
|
|
|||
|
|
|||
|
This means that when guest logs in, the login shell will start up the
|
|||
|
X Window System right away.
|
|||
|
|
|||
|
2.5.2. File name: .Xclients
|
|||
|
|
|||
|
|
|||
|
|
|||
|
______________________________________________________________________
|
|||
|
netscape
|
|||
|
______________________________________________________________________
|
|||
|
|
|||
|
|
|||
|
|
|||
|
This means that when X starts, guest just gets the web browser, no
|
|||
|
window manager. If you prefer another web browser, do something else.
|
|||
|
|
|||
|
The file .Xclients should be executable by guest. Enter
|
|||
|
|
|||
|
|
|||
|
chmod 755 /home/guest/.Xclients
|
|||
|
|
|||
|
|
|||
|
|
|||
|
to make it so.
|
|||
|
|
|||
|
2.5.3. File name: .xsession
|
|||
|
|
|||
|
|
|||
|
|
|||
|
______________________________________________________________________
|
|||
|
#!/bin/sh
|
|||
|
netscape
|
|||
|
______________________________________________________________________
|
|||
|
|
|||
|
If you use xdm(1) to log people in, this file should make guest get
|
|||
|
the web browser as if he or she had logged in normally. The file
|
|||
|
.xsession should be executable by guest. Enter
|
|||
|
|
|||
|
|
|||
|
chmod 755 /home/guest/.xsession
|
|||
|
|
|||
|
|
|||
|
|
|||
|
to make it so.
|
|||
|
|
|||
|
2.5.4. File name: .Xdefaults
|
|||
|
|
|||
|
|
|||
|
|
|||
|
______________________________________________________________________
|
|||
|
! Disable drag-to-select.
|
|||
|
*hysteresis: 3000
|
|||
|
|
|||
|
! Make visited and unvisited links the same color by default
|
|||
|
*linkForeground: #0000EE
|
|||
|
*vlinkForeground: #0000EE
|
|||
|
|
|||
|
Netscape.Navigator.geometry: =NETSCAPE_GEOMETRY
|
|||
|
|
|||
|
! Disable some of the keyboard commands.
|
|||
|
*globalTranslations:
|
|||
|
|
|||
|
! Mouse bindings: make all mouse buttons do the same thing.
|
|||
|
*drawingArea.translations: #replace \
|
|||
|
<Btn1Down>: ArmLink() \n\
|
|||
|
<Btn2Down>: ArmLink() \n\
|
|||
|
<Btn3Down>: ArmLink() \n\
|
|||
|
~Shift<Btn1Up>: ActivateLink() \
|
|||
|
DisarmLink() \n\
|
|||
|
~Shift<Btn2Up>: ActivateLink() \
|
|||
|
DisarmLink() \n\
|
|||
|
~Shift<Btn3Up>: ActivateLink() \
|
|||
|
DisarmLink() \n\
|
|||
|
Shift<Btn1Up>: ActivateLink() \
|
|||
|
DisarmLink() \n\
|
|||
|
Shift<Btn2Up>: ActivateLink() \
|
|||
|
DisarmLink() \n\
|
|||
|
Shift<Btn3Up>: ActivateLink() \
|
|||
|
DisarmLink() \n\
|
|||
|
<Btn1Motion>: DisarmLinkIfMoved() \n\
|
|||
|
<Btn2Motion>: DisarmLinkIfMoved() \n\
|
|||
|
<Btn3Motion>: DisarmLinkIfMoved() \n\
|
|||
|
<Motion>: DescribeLink() \n\
|
|||
|
______________________________________________________________________
|
|||
|
|
|||
|
|
|||
|
|
|||
|
This file disables blink tags, drag-to-select, and some of the key<65>
|
|||
|
board commands. It also makes all mouse buttons do the same thing,
|
|||
|
hides the menu bar, and makes visited and unvisited links the same
|
|||
|
color, so each visitor gets nice clean blue links, not ones that other
|
|||
|
people have been thumbing through and staining purple.
|
|||
|
|
|||
|
You should replace the NETSCAPE_GEOMETRY in this file with an X
|
|||
|
geometry that looks like this: XxY+0-0, where X is the width of your
|
|||
|
screen and Y is the height of your screen + 32. This will position
|
|||
|
the Netscape menu bar off the top of the screen, so the user won't be
|
|||
|
distracted. For example, if your screen is 800x600, the geometry
|
|||
|
should be 800x632+0-0.
|
|||
|
|
|||
|
2.6. Make a .netscape directory for guest
|
|||
|
|
|||
|
Enter
|
|||
|
|
|||
|
|
|||
|
mkdir /home/guest/.netscape
|
|||
|
chmod 777 /home/guest/.netscape
|
|||
|
|
|||
|
|
|||
|
|
|||
|
to create guest's .netscape directory and make it world-writable.
|
|||
|
|
|||
|
|
|||
|
2.7. Try it
|
|||
|
|
|||
|
Log out, then log in as guest.
|
|||
|
|
|||
|
2.8. Changing preferences
|
|||
|
|
|||
|
Since you won't be able to use the menu bar as guest, you should edit
|
|||
|
guest's preferences manually if you need to change them, or change
|
|||
|
your own preferences to what you want guest's to be and copy the
|
|||
|
preferences file.
|
|||
|
|
|||
|
3. NEW GUIDE: Step-by-step guide
|
|||
|
|
|||
|
|
|||
|
3.1. Install RH
|
|||
|
|
|||
|
Install RedHat (further just RH) Linux on the box. Make sure shadow
|
|||
|
and MD5 passwords are enabled. And have a nice long root password!
|
|||
|
Refer to corresponding installation guides.
|
|||
|
|
|||
|
3.2. Clean-up packages
|
|||
|
|
|||
|
|
|||
|
RH Linux was and is *really* buggy out of the box (both local and
|
|||
|
remote exploits are discovered every day, see BugTRAQ database), and
|
|||
|
many software packages installed by default can be used to obtain root
|
|||
|
shell from non-privileged account or in the worst cases across the
|
|||
|
network (or just mess up the box). Thus special attention should be
|
|||
|
given to package selection on the browser workstation.
|
|||
|
|
|||
|
|
|||
|
<20> Use workstation or custom installation mode. The latter is
|
|||
|
recommended, when selecting groups of packages, only choose base-
|
|||
|
system, networked workstation, mail/www services (make sure you
|
|||
|
later replace Communicator with Navigator) and X packages and then
|
|||
|
erase the unneeded RPMs. If using workstation mode you will have to
|
|||
|
(possibly manually) remove about 300 packages.
|
|||
|
|
|||
|
<20> When partitioning the disk follow the scheme below. The sizes are
|
|||
|
appropriate for the 3 GB disk, scale the sizes accordingly for
|
|||
|
bigger drive but this is really not needed for this setup as the
|
|||
|
whole Linux system is squeezed to under 200MB. Make sure those
|
|||
|
partitions (/,/home,/var and /tmp) are present! Separate /usr is
|
|||
|
not necessary! Remember to create a generous swap partition (at
|
|||
|
least the size of RAM).
|
|||
|
|
|||
|
|
|||
|
Partitions mount points and sizes used for a test system:
|
|||
|
|
|||
|
|
|||
|
Filesystem 1k-blocks Used Available Use% Mounted on
|
|||
|
/dev/hda1 1571528 184184 1307512 12% /
|
|||
|
/dev/hda7 300603 309 284773 0% /home
|
|||
|
/dev/hda6 300603 20 285062 0% /tmp
|
|||
|
/dev/hda5 809556 4640 763792 1% /var
|
|||
|
|
|||
|
|
|||
|
|
|||
|
<20> Remove all RPMs but those (list might be shortened later and
|
|||
|
automatic RPM-removal shell script might be written as well)
|
|||
|
|
|||
|
|
|||
|
|
|||
|
MAKEDEV-2.5.2-1
|
|||
|
SysVinit-2.78-5
|
|||
|
X11R6-contrib-3.3.2-11
|
|||
|
XFree86-100dpi-fonts-3.3.6-20
|
|||
|
XFree86-3.3.6-20
|
|||
|
XFree86-75dpi-fonts-3.3.6-20
|
|||
|
XFree86-S3-3.3.6-20
|
|||
|
XFree86-SVGA-3.3.6-20
|
|||
|
XFree86-VGA16-3.3.6-20
|
|||
|
XFree86-libs-3.3.6-20
|
|||
|
XFree86-xfs-3.3.6-20
|
|||
|
Xconfigurator-4.3.5-1
|
|||
|
apmd-3.0final-2
|
|||
|
ash-0.2-20
|
|||
|
at-3.1.7-14
|
|||
|
audiofile-0.1.9-3
|
|||
|
authconfig-3.0.3-1
|
|||
|
basesystem-6.0-4
|
|||
|
bash-1.14.7-22
|
|||
|
bc-1.05a-5
|
|||
|
bdflush-1.5-11
|
|||
|
binutils-2.9.5.0.22-6
|
|||
|
bzip2-0.9.5d-2
|
|||
|
chkconfig-1.1.2-1
|
|||
|
chkfontpath-1.7-2
|
|||
|
console-tools-19990829-10
|
|||
|
cracklib-2.7-5
|
|||
|
cracklib-dicts-2.7-5
|
|||
|
crontabs-1.7-7
|
|||
|
dev-2.7.18-3
|
|||
|
diffutils-2.7-17
|
|||
|
e2fsprogs-1.18-5
|
|||
|
ed-0.2-13
|
|||
|
eject-2.0.2-4
|
|||
|
etcskel-2.3-1
|
|||
|
file-3.28-2
|
|||
|
filesystem-1.3.5-1
|
|||
|
fileutils-4.0-21
|
|||
|
findutils-4.1-34
|
|||
|
freetype-1.3.1-5
|
|||
|
gawk-3.0.4-2
|
|||
|
gd-1.3-6
|
|||
|
gdbm-1.8.0-3
|
|||
|
getty_ps-2.0.7j-9
|
|||
|
glib-1.2.6-3
|
|||
|
glib10-1.0.6-6
|
|||
|
glibc-2.1.3-15
|
|||
|
gmp-2.0.2-13
|
|||
|
gpm-1.18.1-7
|
|||
|
grep-2.4-3
|
|||
|
groff-1.15-8
|
|||
|
gtk+-1.2.6-7
|
|||
|
gzip-1.2.4a-2
|
|||
|
hdparm-3.6-4
|
|||
|
imlib-1.9.7-3
|
|||
|
indexhtml-6.2-1
|
|||
|
info-4.0-5
|
|||
|
initscripts-5.00-1
|
|||
|
iputils-20000121-2
|
|||
|
isapnptools-1.21b-1
|
|||
|
kbdconfig-1.9.2.4-1
|
|||
|
kernel-2.2.14-5.0
|
|||
|
kernel-utils-2.2.14-5.0
|
|||
|
krb5-configs-1.1.1-9
|
|||
|
krb5-libs-1.1.1-9
|
|||
|
kudzu-0.36-2
|
|||
|
ld.so-1.9.5-13
|
|||
|
ldconfig-1.9.5-16
|
|||
|
less-346-2
|
|||
|
libc-5.3.12-31
|
|||
|
libgr-2.0.13-23
|
|||
|
libgr-progs-2.0.13-23
|
|||
|
libjpeg-6b-10
|
|||
|
libpng-1.0.5-3
|
|||
|
libstdc++-2.9.0-30
|
|||
|
libtermcap-2.0.8-20
|
|||
|
libtiff-3.5.4-5
|
|||
|
libungif-4.1.0-4
|
|||
|
libxml-1.8.6-2
|
|||
|
lilo-0.21-15
|
|||
|
logrotate-3.3.2-1
|
|||
|
losetup-2.10f-1
|
|||
|
mailcap-2.0.6-1
|
|||
|
man-1.5h1-1
|
|||
|
mingetty-0.9.4-11
|
|||
|
mkbootdisk-1.2.5-3
|
|||
|
mkinitrd-2.4.1-2
|
|||
|
mktemp-1.5-2
|
|||
|
modutils-2.3.9-6
|
|||
|
mount-2.10f-1
|
|||
|
mouseconfig-4.4-1
|
|||
|
ncompress-4.2.4-15
|
|||
|
ncurses-5.0-11
|
|||
|
net-tools-1.54-4
|
|||
|
netscape-common-4.72-6
|
|||
|
netscape-navigator-4.72-6
|
|||
|
newt-0.50.8-2
|
|||
|
ntsysv-1.1.2-1
|
|||
|
pam-0.72-6
|
|||
|
passwd-0.64.1-1
|
|||
|
pciutils-2.1.5-2
|
|||
|
popt-1.5-0.48
|
|||
|
procps-2.0.6-5
|
|||
|
psmisc-19-2
|
|||
|
pwdb-0.61-0
|
|||
|
raidtools-0.90-6
|
|||
|
rdate-1.0-1
|
|||
|
readline-2.2.1-6
|
|||
|
redhat-logos-1.1.0-2
|
|||
|
redhat-release-6.2-1
|
|||
|
rootfiles-5.2-5
|
|||
|
rpm-3.0.4-0.48
|
|||
|
rpmfind-1.4-3
|
|||
|
rxvt-2.6.1-8
|
|||
|
sash-3.4-2
|
|||
|
sed-3.02-6
|
|||
|
setup-2.1.8-1
|
|||
|
setuptool-1.2-5
|
|||
|
sh-utils-2.0-5
|
|||
|
shadow-utils-19990827-10
|
|||
|
slang-1.2.2-5
|
|||
|
slocate-2.1-2
|
|||
|
stat-1.5-12
|
|||
|
sysklogd-1.3.31-16
|
|||
|
tar-1.13.17-3
|
|||
|
tcl-8.0.5-35
|
|||
|
tcp_wrappers-7.6-10
|
|||
|
termcap-10.2.7-9
|
|||
|
textutils-2.0a-2
|
|||
|
time-1.7-9
|
|||
|
timeconfig-3.0.3-2
|
|||
|
tmpwatch-2.2-1
|
|||
|
utempter-0.5.2-2
|
|||
|
util-linux-2.10f-7
|
|||
|
vixie-cron-3.0.1-40
|
|||
|
which-2.9-2
|
|||
|
words-2-12
|
|||
|
xinitrc-2.9-1
|
|||
|
xpm-3.4k-2
|
|||
|
zlib-1.1.3-6
|
|||
|
|
|||
|
|
|||
|
|
|||
|
Unfortunately, some of the packages above might also be redundant and
|
|||
|
potentially unsafe (even glibc, the main runtime Linux library, was
|
|||
|
recently found to have locally exploitable bugs! And so was PAM module
|
|||
|
library). More candidates for elimination include gpm (console mouse
|
|||
|
services, had some exploit history last year) and many others. Xlib
|
|||
|
has a buffer overflow but can't be eliminated. Make sure the latest
|
|||
|
version is used.
|
|||
|
|
|||
|
|
|||
|
3.3. Install ssh
|
|||
|
|
|||
|
Install ssh-server RPM for remote administration. Do NOT use inetd
|
|||
|
daemon mode, make sshd run standalone and use /etc/hosts.allow for
|
|||
|
access control (ssh daemon will read the file upon startup)
|
|||
|
|
|||
|
|
|||
|
3.4. Make a boot floppy
|
|||
|
|
|||
|
Make sure you create a boot floppy using a mkbootdisk command as
|
|||
|
errors in LILO configuration might render the system unbootable.
|
|||
|
|
|||
|
|
|||
|
3.5. Modify configs
|
|||
|
|
|||
|
Make the following modifications to configuration files
|
|||
|
|
|||
|
<20> /etc/inittab
|
|||
|
|
|||
|
|
|||
|
|
|||
|
#
|
|||
|
# inittab This file describes how the INIT process should set up
|
|||
|
# the system in a certain run-level.
|
|||
|
#
|
|||
|
# Author: Miquel van Smoorenburg, <miquels@drinkel.nl.mugnet.org>
|
|||
|
# Modified for RHS Linux by Marc Ewing and Donnie Barnes
|
|||
|
#--fixed by anton for browser station
|
|||
|
|
|||
|
# Default runlevel. The runlevels used by RHS are:
|
|||
|
# 0 - halt (Do NOT set initdefault to this)
|
|||
|
# 1 - Single user mode
|
|||
|
# 2 - Multiuser, without NFS (The same as 3, if you do not have networking)
|
|||
|
# 3 - Full multiuser mode
|
|||
|
# 4 - unused
|
|||
|
# --anton--
|
|||
|
# 4 - browser X
|
|||
|
# 5 - X11
|
|||
|
# 6 - reboot (Do NOT set initdefault to this)
|
|||
|
#
|
|||
|
#id:3:initdefault:
|
|||
|
#--anton: default runlevel now 4! other levels protected by LILO password
|
|||
|
id:4:initdefault:
|
|||
|
|
|||
|
# System initialization.
|
|||
|
si::sysinit:/etc/rc.d/rc.sysinit
|
|||
|
|
|||
|
l0:0:wait:/etc/rc.d/rc 0
|
|||
|
l1:1:wait:/etc/rc.d/rc 1
|
|||
|
l2:2:wait:/etc/rc.d/rc 2
|
|||
|
l3:3:wait:/etc/rc.d/rc 3
|
|||
|
l4:4:wait:/etc/rc.d/rc 4
|
|||
|
l5:5:wait:/etc/rc.d/rc 5
|
|||
|
l6:6:wait:/etc/rc.d/rc 6
|
|||
|
|
|||
|
# Things to run in every runlevel.
|
|||
|
ud::once:/sbin/update
|
|||
|
|
|||
|
# Trap CTRL-ALT-DELETE
|
|||
|
#anton -- not here, disable
|
|||
|
#ca::ctrlaltdel:/sbin/shutdown -t3 -r now
|
|||
|
|
|||
|
# When our UPS tells us power has failed, assume we have a few minutes
|
|||
|
# of power left. Schedule a shutdown for 2 minutes from now.
|
|||
|
# This does, of course, assume you have powerd installed and your
|
|||
|
# UPS connected and working correctly.
|
|||
|
pf::powerfail:/sbin/shutdown -f -h +2 "Power Failure; System Shutting Down"
|
|||
|
|
|||
|
# If power was restored before the shutdown kicked in, cancel it.
|
|||
|
pr:12345:powerokwait:/sbin/shutdown -c "Power Restored; Shutdown Cancelled"
|
|||
|
|
|||
|
# Run gettys in standard runlevels
|
|||
|
1:2345:respawn:/sbin/mingetty tty1
|
|||
|
#--anton -- only one is needed! comment out the rest
|
|||
|
#2:2345:respawn:/sbin/mingetty tty2
|
|||
|
#3:2345:respawn:/sbin/mingetty tty3
|
|||
|
#4:2345:respawn:/sbin/mingetty tty4
|
|||
|
#5:2345:respawn:/sbin/mingetty tty5
|
|||
|
#6:2345:respawn:/sbin/mingetty tty6
|
|||
|
|
|||
|
# Run xdm in runlevel 5
|
|||
|
# xdm is now a separate service
|
|||
|
x:5:respawn:/etc/X11/prefdm -nodaemon
|
|||
|
|
|||
|
|
|||
|
|
|||
|
The file above disables Ctrl-Alt-Del combination and makes new run<75>
|
|||
|
level 4 a default runlevel. It also eliminates virtual consoles (all
|
|||
|
but 1).
|
|||
|
|
|||
|
<20> /etc/fstab
|
|||
|
|
|||
|
|
|||
|
#=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
|
|||
|
/dev/hda1 / ext2 defaults,ro 1 1
|
|||
|
/dev/hda7 /home ext2 defaults,nodev,noexec,nosuid 1 2
|
|||
|
/dev/hda6 /tmp ext2 defaults,nodev,noexec,nosuid 1 2
|
|||
|
/dev/hda5 /var ext2 defaults,nodev,noexec,nosuid 1 2
|
|||
|
|
|||
|
#=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
|
|||
|
#/dev/cdrom /mnt/cdrom iso9660 noauto,owner,ro 0 0
|
|||
|
#/dev/fd0 /mnt/floppy auto noauto,owner 0 0
|
|||
|
#=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
|
|||
|
none /proc proc defaults 0 0
|
|||
|
none /dev/pts devpts gid=5,mode=620 0 0
|
|||
|
/dev/hda8 swap swap defaults 0 0
|
|||
|
|
|||
|
#=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
|
|||
|
|
|||
|
|
|||
|
|
|||
|
Brief explanation for the options (see man mount for more)
|
|||
|
|
|||
|
<20> For / : mounted read-only (ro), just to make it a little bit harder
|
|||
|
to do Bad Things
|
|||
|
|
|||
|
<20> For /home, /tmp and /var : nodev,noexec,nosuid will prevent (a)
|
|||
|
starting executable from them (download and run through netscape
|
|||
|
attack), (b)running suid executables (well, redundant in presence
|
|||
|
of the above but nice to have too) (c)creating devices by makedev
|
|||
|
(no faked /dev/mem for kernel module attack)
|
|||
|
|
|||
|
Making /home read-only might be good idea too as no netscape is not
|
|||
|
supposed to write anything while running.
|
|||
|
|
|||
|
|
|||
|
<20> Remember to REMOVE floppy and CDROM physically and disable
|
|||
|
partitions (commented out)!
|
|||
|
|
|||
|
|
|||
|
|
|||
|
<20> /etc/rc.d/ directory
|
|||
|
|
|||
|
Create file xbrowser in /etc/rc.d/init.d and symlink (cd
|
|||
|
/etc/rc.d/rc4.d ; ln -s /etc/rc.d/init.d/xbrowser S99xbrowser)it as
|
|||
|
S99xbrowser in /etc/rc.d/rc4.d so that directory /etc/rc.d/rc4.d
|
|||
|
looks like this
|
|||
|
|
|||
|
|
|||
|
|
|||
|
drwxrwxrwx 2 root root 4096 Sep 10 15:30 .
|
|||
|
drwxrwxrwx 10 root root 4096 Sep 10 15:30 ..
|
|||
|
lrwxrwxrwx 1 root root 1179 Sep 10 15:30 S05kudzu-> ../init.d/kudzu
|
|||
|
lrwxrwxrwx 1 root root 5094 Sep 10 15:30 S10network-> ../init.d/network
|
|||
|
lrwxrwxrwx 1 root root 1367 Sep 10 15:30 S16apmd-> ../init.d/apmd
|
|||
|
lrwxrwxrwx 1 root root 1542 Sep 10 15:30 S20random-> ../init.d/random
|
|||
|
lrwxrwxrwx 1 root root 3217 Sep 10 15:30 S25netfs-> ../init.d/netfs
|
|||
|
lrwxrwxrwx 1 root root 1024 Sep 10 15:30 S30syslog-> ../init.d/syslog
|
|||
|
lrwxrwxrwx 1 root root 989 Sep 10 15:30 S40atd-> ../init.d/atd
|
|||
|
lrwxrwxrwx 1 root root 1031 Sep 10 15:30 S40crond-> ../init.d/crond
|
|||
|
lrwxrwxrwx 1 root root 1203 Sep 10 15:30 S75keytable-> ../init.d/keytable
|
|||
|
lrwxrwxrwx 1 root root 1261 Sep 10 15:30 S85gpm-> ../init.d/gpm
|
|||
|
lrwxrwxrwx 1 root root 1956 Sep 10 15:30 S90xfs-> ../init.d/xfs
|
|||
|
lrwxrwxrwx 1 root root 650 Sep 10 15:30 S99xbrowser-> ../init.d/xbrowser
|
|||
|
|
|||
|
|
|||
|
|
|||
|
This init files are run upon entering runlevel 4 (either at reboot or
|
|||
|
when typing init 4 from root prompt). Files are run in order of
|
|||
|
increasing numbers so that our xbrowser runs in the end.
|
|||
|
|
|||
|
xbrowser file looks like this
|
|||
|
|
|||
|
|
|||
|
#!/bin/bash
|
|||
|
# --anton: Init the box into X with browser, no login script
|
|||
|
echo "Starting standalone browser....."
|
|||
|
|
|||
|
#put a mark into log
|
|||
|
echo %%%%%%Reboot%%%%% >> /var/log/xlog
|
|||
|
|
|||
|
#this file marks X startrup using out xinitrc
|
|||
|
touch /tmp/startOK
|
|||
|
|
|||
|
#--main loop, indefinite with the presence of /tmp/startOK file ------------------
|
|||
|
while [ -f /tmp/startOK ] ; do
|
|||
|
|
|||
|
#put a mark into log
|
|||
|
echo %%%%%%Restart%%%%% >> /var/log/xlog
|
|||
|
|
|||
|
#kill stuck netscape if any (this doesnt help if it turn zombie)
|
|||
|
killall -9 netscape >& /dev/null
|
|||
|
|
|||
|
#clear netscape lock
|
|||
|
if [ -f ~netscape/.netscape/lock ]; then
|
|||
|
/bin/rm ~netscape/.netscape/lock
|
|||
|
fi
|
|||
|
|
|||
|
#start X windows, no winman, using the config that starts only netscape
|
|||
|
#config is in root home dir!!
|
|||
|
#X server runs as root, sort of BAD
|
|||
|
/usr/X11R6/bin/xinit /root/.xinitrc -- /usr/X11R6/bin/X bc
|
|||
|
|
|||
|
done
|
|||
|
#main loop end-------------------------------
|
|||
|
|
|||
|
|
|||
|
|
|||
|
This file will start X server upon boot up with no prompting (after
|
|||
|
LILO prompt). The X server will follow the directions in /root/.xini<6E>
|
|||
|
trc, below. X server config is shown below too.
|
|||
|
|
|||
|
<20> Make sure /etc/sysctl.conf looks like this
|
|||
|
|
|||
|
# Disables packet forwarding
|
|||
|
net.ipv4.ip_forward = 0
|
|||
|
# Enables source route verification
|
|||
|
net.ipv4.conf.all.rp_filter = 1
|
|||
|
# Disables automatic defragmentation (needed for masquerading, LVS)
|
|||
|
net.ipv4.ip_always_defrag = 0
|
|||
|
# Disables the magic-sysrq key
|
|||
|
#--anton: this IS important
|
|||
|
kernel.sysrq = 0
|
|||
|
|
|||
|
|
|||
|
|
|||
|
This disable kernel interaction keys (aka Magic SysRQ keys) on
|
|||
|
startup.
|
|||
|
|
|||
|
<20> /etc/X11/XF86Config
|
|||
|
|
|||
|
Make changes to /etc/X11/XF86Config that was automatically created
|
|||
|
during install to look have those in:
|
|||
|
|
|||
|
|
|||
|
|
|||
|
# File generated by XConfigurator.
|
|||
|
|
|||
|
...whatever...
|
|||
|
|
|||
|
# **********************************************************************
|
|||
|
# Server flags section.
|
|||
|
# **********************************************************************
|
|||
|
|
|||
|
Section "ServerFlags"
|
|||
|
|
|||
|
# Uncomment this to cause a core dump at the spot where a signal is
|
|||
|
# received. This may leave the console in an unusable state, but may
|
|||
|
# provide a better stack trace in the core dump to aid in debugging
|
|||
|
#NoTrapSignals
|
|||
|
|
|||
|
# Uncomment this to disable the <Ctrl><Alt><BS> server abort sequence
|
|||
|
# This allows clients to receive this key event.
|
|||
|
#--anton -- no X server kill
|
|||
|
#--another option is to have a kill as a means to fight broken/stuck netscape,
|
|||
|
#--restart will bring it back after cleanup
|
|||
|
DontZap
|
|||
|
|
|||
|
# Uncomment this to disable the <Crtl><Alt><KP_+>/<KP_-> mode switching
|
|||
|
# sequences. This allows clients to receive these key events.
|
|||
|
#--anton -- kinda bad too
|
|||
|
DontZoom
|
|||
|
|
|||
|
EndSection
|
|||
|
|
|||
|
...whatever...
|
|||
|
|
|||
|
|
|||
|
|
|||
|
Now, the DontZap is a questionable choice. The Crtl-Alt-Backspace
|
|||
|
sequence might be the only way to kill stuck netscape or the one with
|
|||
|
some window overlapping netscape controls (like, View Source or View
|
|||
|
Page Info) as no automatic netscape fixing is implemented. Disabling
|
|||
|
Java and JavaScript will decrease the likelihood of it crashing, but
|
|||
|
will not eliminate this miserable occurrence altogether. In the cur<75>
|
|||
|
rent setup pressing Crtl-Alt-Backspace if DontZap is commented out
|
|||
|
will cause X server to restart, killing netscape and doing a lock file
|
|||
|
cleanup.
|
|||
|
<20> /root/.xinitrc
|
|||
|
|
|||
|
Make sure that /root/.xinitrc looks like
|
|||
|
|
|||
|
|
|||
|
|
|||
|
/bin/rm -f ~netscape/.netscape/lock >& /dev/null
|
|||
|
|
|||
|
#--anton: otherwise non-root netscape cant run
|
|||
|
#--anton only allow local but from all users
|
|||
|
#--anton the name of test box was "afc" thus the line below
|
|||
|
xhost +afc
|
|||
|
#--anton:starts netscape as user "netscape" and full screen!!
|
|||
|
#make sure 1024x768 matches your monitor
|
|||
|
su netscape -c "netscape -no-about-splash -geometry 1024x768+0+0"
|
|||
|
|
|||
|
#---------------TESTING---------------------------
|
|||
|
#these commands were used in testing to set netscpae preferences
|
|||
|
#same as having "netscape" uiser home dir writable for this user
|
|||
|
#export HOME=/home/netscape
|
|||
|
#netscape -no-about-splash -geometry 1024x768+0+0 >& /tmp/LOG
|
|||
|
#---------------TESTING---------------------------
|
|||
|
|
|||
|
#also needed: X as user "guest" eventually
|
|||
|
|
|||
|
|
|||
|
|
|||
|
See comments in file for explanation
|
|||
|
|
|||
|
|
|||
|
3.6. Create user
|
|||
|
|
|||
|
Create user netscape, his home directory will be /home/netscape.
|
|||
|
|
|||
|
3.7. Change Netscape settings
|
|||
|
|
|||
|
Start netscape and apply a restricted settings as:
|
|||
|
|
|||
|
<20> no Java (known big risks, recently really big holes discovered in
|
|||
|
Netscape Java implementation),
|
|||
|
|
|||
|
<20> no JavaScript (some risks with password stealing and web mail
|
|||
|
hijacking),
|
|||
|
|
|||
|
<20> no cache (some Java bugs will access cache objects and then bypass
|
|||
|
JVM restrictions),
|
|||
|
|
|||
|
<20> no cookies (might not be possible though, low risk),
|
|||
|
|
|||
|
<20> remove all launches of nonstandard applications (ideally-all
|
|||
|
applications) with file types (by going to
|
|||
|
Netscape->Edit->Preferences->Navigator->Applications),
|
|||
|
|
|||
|
<20> history length set to 0 (next user can't see what previous was
|
|||
|
doing, the risk is in seeing URL-encoded passwords sometimes)
|
|||
|
|
|||
|
3.8. Chown the home directory
|
|||
|
|
|||
|
Do chown to root on /home/netscape (by chown -R root.root
|
|||
|
/home/netscape). Make sure that his home directory belongs to root,
|
|||
|
there are no world-writable files and subdirectories there and
|
|||
|
permission are at least
|
|||
|
|
|||
|
|
|||
|
|
|||
|
/home/netscape/:
|
|||
|
total 9
|
|||
|
drwxr-xr-x 4 root root 1024 Sep 7 18:29 .
|
|||
|
drwxr-xr-x 4 root root 1024 Sep 7 18:30 ..
|
|||
|
-rw-r--r-- 1 root root 16 Sep 7 18:29 .bash_history
|
|||
|
-rw-r--r-- 1 root root 24 Sep 5 08:21 .bash_logout
|
|||
|
-rw-r--r-- 1 root root 230 Sep 5 08:21 .bash_profile
|
|||
|
-rw-r--r-- 1 root root 124 Sep 5 08:21 .bashrc
|
|||
|
-rw-r--r-- 1 root root 93 Sep 7 18:25 .mailcap
|
|||
|
-rw-r--r-- 1 root root 0 Sep 7 18:25 .mime.types
|
|||
|
drwxr-xr-x 4 root root 1024 Sep 10 08:38 .netscape
|
|||
|
drwxr--r-- 2 root root 1024 Sep 6 00:04 .xauth
|
|||
|
|
|||
|
/home/netscape/.netscape:
|
|||
|
total 264
|
|||
|
drwxr-xr-x 4 root root 1024 Sep 10 08:38 .
|
|||
|
drwxr-xr-x 4 root root 1024 Sep 7 18:29 ..
|
|||
|
drwxr--r-- 2 root root 1024 Sep 6 00:04 archive
|
|||
|
-rw------- 1 root root 14757 Sep 7 18:38 bookmarks.html
|
|||
|
drwxr--r-- 3 root root 1024 Sep 7 18:24 cache
|
|||
|
-rw-r--r-- 1 root root 188416 Sep 6 00:05 cert7.db
|
|||
|
-rw-r--r-- 1 root root 16384 Sep 7 18:30 history.dat
|
|||
|
-rw-r--r-- 1 root root 111 Sep 7 16:20 history.list
|
|||
|
-rw-r--r-- 1 root root 16384 Sep 6 00:05 key3.db
|
|||
|
-rw-r--r-- 1 root root 0 Sep 6 00:04 nswrapper.copy_defs
|
|||
|
-rw-r--r-- 1 root root 279 Sep 10 08:38 plugin-list
|
|||
|
-rw-r--r-- 1 root root 3398 Sep 7 18:29 preferences.js
|
|||
|
-rw-r--r-- 1 root root 741 Sep 7 18:29 registry
|
|||
|
-rw-r--r-- 1 root root 16384 Sep 7 18:29 secmodule.db
|
|||
|
|
|||
|
|
|||
|
|
|||
|
Carefully test netscape functionality upon doing the chown to root!
|
|||
|
At present, I have not found a way to avoid periodic Netscape
|
|||
|
complaints about "Can't write preferences".
|
|||
|
|
|||
|
Another note is appropriate. Netscape is VERY buggy (last example is
|
|||
|
Red Hat Linux Security Advisory presents a way to crash and exploit
|
|||
|
netscape using a specially crafted JPEG image) and is likely to crash
|
|||
|
periodically, possibly producing a buffer overflow with shell access
|
|||
|
for the intruder. This shell will have the netscape user as owner.
|
|||
|
Thus the absence of xterm and rxvt on the system is absolutely crucial
|
|||
|
as it provides another line of defense. Permission on the system
|
|||
|
should also be set very conservatively (no world-writable files).
|
|||
|
Ideally, NO files should be owned by user "netscape" on the system AT
|
|||
|
ALL (do a find / -user netscape command to confirm this, also check
|
|||
|
for world writable files with find / -perm -2 ! -type l -ls).
|
|||
|
|
|||
|
|
|||
|
3.9. Config lilo
|
|||
|
|
|||
|
Modify /etc/lilo.conf
|
|||
|
|
|||
|
|
|||
|
|
|||
|
boot=/dev/hda
|
|||
|
map=/boot/map
|
|||
|
install=/boot/boot.b
|
|||
|
prompt
|
|||
|
timeout=50
|
|||
|
default=linux
|
|||
|
|
|||
|
image=/boot/vmlinuz-2.2.14-5.0
|
|||
|
label=linux
|
|||
|
read-only
|
|||
|
root=/dev/hda1
|
|||
|
restricted
|
|||
|
|
|||
|
|
|||
|
|
|||
|
The word restricted will cause password prompting in order to enter
|
|||
|
non-standard runlevel (e.g. linux init 0 from LILO: prompt).
|
|||
|
|
|||
|
That implies using stock RH 6.2 kernel. Kernel upgrade to 2.2.16 might
|
|||
|
be a good idea as some bugs were found in early 2.2.14 kernels (low
|
|||
|
risk).
|
|||
|
|
|||
|
|
|||
|
3.10. REMOVE binaries
|
|||
|
|
|||
|
REMOVE /usr/X11R6/bin/xterm xterm executable COMPLETELY! This is
|
|||
|
REALLY IMPORTANT as shell will be much harder to obtain in this case.
|
|||
|
Make sure its clone, rxvt, is not installed! Ideally, all programs
|
|||
|
that can spawn a shell should be removed.
|
|||
|
|
|||
|
|
|||
|
3.11. Physical security
|
|||
|
|
|||
|
Some physical security
|
|||
|
|
|||
|
<20> Secure reset button
|
|||
|
|
|||
|
<20> Remove CDROM and floppy disk drive
|
|||
|
|
|||
|
<20> Prevent access to the box to avoid hard drive replacement
|
|||
|
|
|||
|
|
|||
|
3.12. Some final touches
|
|||
|
|
|||
|
Some final touches (nice but not essential for system functionality)
|
|||
|
|
|||
|
<20> Implement free disk space monitor top avoid partition overflows
|
|||
|
|
|||
|
<20> Enable remote logging (preferably to some dedicated box with host-
|
|||
|
based IDS that analyzes the logs)
|
|||
|
|
|||
|
4. Conclusion
|
|||
|
|
|||
|
It just might work ;-)
|
|||
|
|
|||
|
5. References
|
|||
|
|
|||
|
|
|||
|
1. Web Kiosk HOWTO
|
|||
|
|
|||
|
Similar HOWTO, main differences: no keyboard, uses fvwm2
|
|||
|
|
|||
|
2. Public Web Browser HOWTO
|
|||
|
|
|||
|
Similar HOWTO, older and less security oriented
|
|||
|
3. Security HOWTO
|
|||
|
|
|||
|
Linux Security HOWTO
|
|||
|
|
|||
|
4. NIC Site
|
|||
|
|
|||
|
You can buy something similar to what is described in the HOWTO for
|
|||
|
$199 (I am not affiliated with the company in any way)
|
|||
|
|
|||
|
5. http://www.chuvakin.org/ispdoc
|
|||
|
|
|||
|
I also maintain a Linux ISP HOWTO.
|
|||
|
|
|||
|
6. http://www.chuvakin.org/books
|
|||
|
|
|||
|
I also maintain a list of computer/network security related books
|
|||
|
with (where available) reviews and online availability. If you have
|
|||
|
a book that I don't list please use the form on the page and I will
|
|||
|
add it to the list and maybe review it later.
|
|||
|
|
|||
|
|
|||
|
|