Building a Linux system for a Child, part 3: Security concerns

By now you’ve got that old computer purring along like a panther with your new favorite distribution of Linux, loaded to the brim with educational software, ready to propel your child to the heights of intellectual stimulation. But before we launch this starship, let’s take a bit to make sure the safety equipment is in order and rein in some potential problems.

Parental Controls, filtering, etc

I’ve mentioned before that a lack of easy parental controls is one of the downsides of using Linux for a child. The frustrating thing here is that nearly all the basic groundwork for these things already exists in Linux, and has been there for years; but nobody has successfully pulled them together into a simple centralized interface for mainstream use. History is littered with projects that attempted to do this (gnome-nanny, timekpr, Ubuntu Christian-Edition’s parental controls), but were subsequently abandoned, obsoleted by developments in desktop environments, or never released to more than a single distro. Some of these things might still work for you depending on the distribution you use, but even if they don’t, there are some things you can do.

Web content filtering

  • Dansguardian, in concert with Squid, can make for a really top-notch content filtering system, and setting it up isn’t really that hard if you’re up to some reading and able to do the config-file thing. You can set this up on a separate box (this is what I do), or install it right on the child’s computer. This, plus a little iptables magic to force web traffic to the proxy, works well for keeping the web safe. A quick search for “dansguardian howto” should turn up some decent instructions for your distro of choice.
  • For the less intrepid, OpenDNS is a third-party DNS service that offers some filtering solutions at the DNS level [1]. Check them out at http://www.opendns.com.
  • Some browser plugins, such as Procon Latte for Firefox, provide content filtering and whitelisting in the browser itself. The only downsides are that (a) it only works for the browser you install it on, and (b) it has to be configured per-account (for those of you with multiple kids).
  • The Linux Mint family of distributions features MintNanny, which is billed as a parental control, but is basically a web domain blacklisting utility. Unfortunately it can’t whitelist as of this writing, so its utility for sanitizing the Internet is a little limited. If you just need to block a few problematic websites, this might be adequate.
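
The “iptables magic” from the first bullet, for the case where DansGuardian and Squid run on the child’s own computer, as an added example that is not from the original post. The ports (8080, 3128) and account names (proxy, dansguardian) are assumed defaults to check against your distribution; the function only prints the rules so they can be reviewed before being applied.

```shell
#!/bin/sh
# Added example: print the iptables rules that force local web traffic
# through DansGuardian + Squid running on the same machine.
# Assumed defaults: DansGuardian on port 8080 as user "dansguardian",
# Squid on port 3128 as user "proxy".

proxy_redirect_rules() {
    filter_port=${1:-8080}          # assumed DansGuardian port
    squid_user=${2:-proxy}          # assumed Squid account
    filter_user=${3:-dansguardian}  # assumed DansGuardian account
    squid_port=${4:-3128}           # assumed Squid port

    # Refuse anything that is not a plain port number.
    for p in "$filter_port" "$squid_port"; do
        case $p in
            ''|*[!0-9]*) echo "invalid port: $p" >&2; return 1 ;;
        esac
    done

    # 1. Squid's own fetches must skip the redirect, or requests would
    #    loop back into the filter. This rule has to come first.
    echo "iptables -t nat -A OUTPUT -p tcp --dport 80 -m owner --uid-owner $squid_user -j ACCEPT"
    # 2. Every other local process talking to port 80 lands on the filter,
    #    whatever proxy settings the browser or game uses.
    echo "iptables -t nat -A OUTPUT -p tcp --dport 80 -j REDIRECT --to-ports $filter_port"
    # 3. Only the filter may talk to Squid directly; otherwise pointing a
    #    browser at Squid's port would bypass the filtering.
    echo "iptables -A OUTPUT -o lo -p tcp --dport $squid_port -m owner ! --uid-owner $filter_user -j REJECT"
    # 4. HTTPS cannot be redirected transparently without breaking TLS, so
    #    direct port 443 is refused for everyone but Squid (root included);
    #    browsers then need the filter set as their explicit HTTPS proxy.
    echo "iptables -A OUTPUT -p tcp --dport 443 -m owner ! --uid-owner $squid_user -j REJECT"
}

# Dry run: show the rules for review. Pipe the output to "sh" as root to apply.
proxy_redirect_rules "$@"
```

These are IPv4 rules; a machine with IPv6 connectivity needs the same set loaded with ip6tables.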

Time restrictions

  • The /etc/security directory on many distributions (Ubuntu, Debian, etc.) allows for easy (well, compared to PAM) configuration of certain types of user-based restrictions. /etc/security/time.conf is probably the most useful of these to parents, because it lets you limit when a given user can be logged in. The other files are probably too low-level to be of much use in restricting kids, but it’s worth a look to see what’s there.
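
A constructed time.conf rule together with the check that is easiest to forget: pam_time only reads the file if the PAM stack of the login service loads it. This is an added example, not from the original post; the user name kid, the hours and the default service name login are assumptions (a graphical login manager has its own file under /etc/pam.d).

```shell
#!/bin/sh
# Added example. The user name "kid" and the allowed hours are constructed.

# time.conf fields: services ; ttys ; users ; times
# Wk = Monday to Friday, Wd = weekend days, HHMM-HHMM is a 24-hour range.
# Users that no rule names are not restricted.
KID_RULE='*;*;kid;Wk1600-1900|Wd0900-1900'

# Succeeds if <service> under <pam_dir> has an active
# "account ... pam_time.so" line, either directly or through an
# @include'd file (Debian/Ubuntu style). Returns 2 if the file is missing.
pam_time_enabled() {
    pam_dir=$1 service=$2
    [ -r "$pam_dir/$service" ] || return 2
    while read -r kind arg rest; do
        case $kind in
            '#'*|'') continue ;;                       # comment or blank line
            @include) pam_time_enabled "$pam_dir" "$arg" && return 0 ;;
            account|-account)
                case "$arg $rest" in *pam_time.so*) return 0 ;; esac ;;
        esac
    done < "$pam_dir/$service"
    return 1
}

# Check the service passed as $1 (default: console "login").
svc=${1:-login}
if pam_time_enabled /etc/pam.d "$svc"; then
    echo "pam_time is active for '$svc'; rule for /etc/security/time.conf:"
    echo "$KID_RULE"
else
    echo "pam_time is not loaded for '$svc'; time.conf would be ignored."
    echo "Add 'account required pam_time.so' to /etc/pam.d/$svc first."
fi
```

pam_time is evaluated when a session is opened, so it stops new logins outside the allowed hours but does not end a session that is already running.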

Application restrictions

  • The simplest ways to restrict what applications a child can run are to (a) not install them in the first place, or (b) use a desktop environment where you can explicitly configure what applications show up in the menu. Many programs intended for kiosk use, or just old-school environments that lack automated or graphical configuration features, are quite suitable in this application.
  • If your distribution ships AppArmor, you can use it to restrict whether a program can use the network. Writing AppArmor profiles is not the most entertaining thing in the world (though it beats working with SELinux), but well within the ken of most long-time Linux geeks. If you’re really clever, there’s probably a way to do this per-user using pam_apparmor rules; but this bit is beyond me.

Do we need Parental Controls?

Parental controls seem to be a contentious issue in some segments of the Linux community; whenever I’ve seen the issue come up on community forums and the like, there is always a vocal group of people who seem to have a problem with anything that limits or restricts a user of the system, and they don’t see the need for such things to exist in Linux. Others just feel parental controls are ineffective and pointless.

As a parent, I don’t agree. “Parental Controls” are not about magically turning the computer, or the Internet, into a kid-friendly wonderland. They’re about having tools to enforce the rules, and a means of drawing some clear boundaries with the help of technology, if only to keep my children from unwittingly stumbling into things they are better off avoiding, or keeping the “honest child honest”. And frankly, anyone who thinks you can effectively parent a child without limiting his freedom now and then is living in a fantasy world.

Network access outside the browser

Protecting kids from online harassment, predators, and inappropriate content is no small issue for parents in these sorry days, and simply filtering the web browser is not enough. Many games (open source or otherwise) can now be played on the Internet using public servers, and allow kids to download content and communicate with people all over the world. If you (or the parents of the child getting the computer) don’t feel the child is ready to deal with this interaction responsibly, it’s imperative to make sure that any “Net-enabled” games installed are suitably blocked or disabled from going online.

Here’s a short, and very incomplete, list of network-related problems I’ve run into or heard about:

  • Some games I’ve seen that let you connect to public online servers and chat with other players include minetest, netpanzer, frozen bubble, and hedgewars.
  • Ubuntu’s Unity desktop as of 12.10 returns search results from Amazon.com when you type into the dash search. The results are not filtered in any way, and examples have been reported of decidedly non-kid-friendly results popping up for pretty innocuous searches (or even system commands). This feature can be disabled or removed, and probably should be for a child’s computer.
  • KDE’s “get hot new stuff” functionality (now known as DXS, where you can get new widgets/wallpapers/themes directly inside the configuration tools) pulls content directly from freedesktop.org. Once in a rare while, someone posts something that is unfit for little eyes, and it isn’t really moderated as far as I can tell. It’s not clear to me whether this feature respects your proxy settings, or whether its content would be filtered in any case. You may have to look about for a fix, block freedesktop.org, or (tragically) just not use KDE.
  • Desktop Environments sometimes come with their own web browser, like Konqueror, reKonq, or Epiphany, which nobody really uses (kidding, devs!), and which thus tends to get overlooked when setting up (e.g.) proxy settings. If you aren’t doing global proxy settings, enforcing proxy settings at the router, or forcing all web traffic to the proxy with iptables rules, then you need to take careful stock of the installed browsers and make sure they’re all appropriately secured.
  • IRC is a very popular way to do support on a lot of distributions, and most desktop distros (including some of the “for kids” ones) ship with an IRC client (XChat, Konversation, etc.), and some popular instant-messenger programs (e.g. pidgin) support IRC. Often these are pre-configured to point to a free IRC server like freenode, and don’t require an account or login.

Potentially offensive stuff

The free software community has deep roots in 80’s hacker culture, a counter-culture movement whose members are often iconoclastic, anti-establishment, and rather libertine. I’m not saying it’s a cesspool of indecency, but now and then things filter through that are probably not going to find favor with most parents.

Often this takes the form of inappropriate references in program names, profanity in games or documentation, or just images that may confuse those not familiar with the cultural background. For example, the utility for connecting to network services in XFCE is called “gigolo”, which I’m sure was a hilarious pun for the person who wrote it; but I’m not giving a neighbor child a desktop with a program called “gigolo”, no matter how innocent its functionality is. And then there’s “Chuckie”, the FreeBSD mascot, who is depicted as a red devil with horns and a pitchfork. He shows up in several child-oriented games (including GCompris and SuperTuxKart). Nothing malicious or “Satanic” is intended by his presence (just a shoutout to FreeBSD, really), but for parents who aren’t familiar with FreeBSD or what this character represents, a devil with a pitchfork randomly showing up in a children’s game is a bit of an eyebrow-raiser [2].

If you’re setting up a system for someone else’s child, check the things you install for “eyebrow raisers”. These may be different depending on your culture, the parents/guardians involved, and the child(ren)’s unique sensitivities, but you can’t just trust everything you find in a software repo to be kid-friendly (or at least, friendly to every kid).

Root access?

Now here’s a question to ponder: do you give your child root (or sudo) access? If this is not your child we’re talking about, that’s probably a decision you should discuss with the child’s parent or guardian. In doing so, one has to consider the ramifications of this decision:

  • The child can potentially mess up the system with careless tinkering
  • The child can pretty much defeat any sort of restrictions placed on the machine (filtering, time limits, etc), assuming (s)he’s intelligent enough
  • The child can install any software in the repositories, some of which may be inappropriate for kids
  • The child can view (and edit… and delete) all other files on the system (if it’s a shared system)

I’ve been comfortable with my older children having root, but I’ve reserved the right to take it from them if I find it’s been abused. Of course, if the computer is not being shared and not connected to the internet, there’s probably not much the child will end up doing with root access, so it’s kind of moot.

Conclusion

I’ve given you a bit to ponder here, and probably haven’t touched on everything you need to consider when it comes to keeping kids safe on the computer; but I hope you get some of the state of mind you have to take when assessing possible issues in your system’s configuration and applications. When you give a child a computer, you give them a powerful tool; it’s naive to think that power can only be used positively and safely. Whatever you do to configure the computer for safety, make sure you configure the child for safety as well. Set rules, and enforce them. Communicate with your child about his computer use, and guide him into healthy choices.

In the next article, I’ll talk about some wishes I have for the future of Free computing for kids.

The next article can be found here: https://alandmoore.com/blog/2013/03/18/building-a-linux-system-for-a-child-part-4-a-wishlist/

Footnotes:

[1] “DNS” is the service that translates domain names (like alandmoore.com) into IP addresses. If there isn’t an IP for a site, you can’t go there. DNS-level filtering means that OpenDNS has a huge database of “bad” sites, for which it can (optionally) return no IP. This approach has some limitations, of course, but it’s better than nothing for keeping kids away from dodgy websites.

[2] Dear non-parents, please take a moment to appreciate what we parents are dealing with these days, and why we often reject some really cool things for what may seem to you like silly, arbitrary, illogical reasons.

When I was a kid, the TV had five channels on a sunny day; the video games had 8-bit (or less) graphics; movies were watched in the theater with my parents; and the “information superhighway” was the road you took to the public library. It was a time when using the word “sex” in a pop song caused a scandal, Hollywood still made (and promoted) “G” movies, sitcoms were about happy middle-class families, and nobody on TV ever got brutally murdered before 9 p.m. – not even in cop shows (and even then, you didn’t actually see it).

Our kids are bombarded by media from all directions everywhere they turn. Never mind what TV and pop music have become, the Internet alone brings movies, pictures, songs, games, and words from all kinds of people all over the world and puts them all a few clicks away. Unfortunately much of it is made by people who just don’t grasp what is appropriate to put in front of children, or by well-intentioned people whose cultural values are simply at odds with our own. There is no way we can thoroughly and objectively evaluate the sheer volume of readily-available media before they consume it. I can’t read every comment on every wiki, watch every cut-scene in every game, or test every hyperlink on every website they want to visit. About all we can do is make the best evaluation possible based on a quick once-over and occasional observation, and err on the side of caution.

It’s not always a question of finding grossly offensive things worthy of feet-stamping and congressman-calling, but often just small “red flags” that indicate a potential problem with what the authors of this content consider acceptable for children. Yes, we may jump to conclusions and get it wrong now and then; we may wrongly reject something really cool over a dumb misunderstanding. Frankly, though, our children have no shortage of safe, healthy, and productive ways to entertain themselves and expand their worlds; so unless it’s something that has enough “awesome factor” to warrant careful examination, there’s no reason to waste time with things that contain more than a couple of “eyebrow-raisers”.

6 Thoughts on “Building a Linux system for a Child, part 3: Security concerns”

  1. Joshua Brown says:

    Thank you for the pertinent and helpful information. I am currently setting up a linux-box for my 8yr old nephew, and have been digging for weeks now unable to find current information on parental-controls etc. Thank you for your wonderful article!

  2. CptHowdy says:

    This is a great blog series. I have toyed with doudou, sugar (totally unsuccessful), and Quimo (my top pick from these 3), still in search of a solution for my 7 yr old. The biggest problem with Linux distros is the incompatibility with the Unity web player, which is used for my jumpstart.com subscription. If there’s any positive builds that are completed with this information, I would love to know about specifics, instead of recommendations. Still looking to finish my son’s personal computer. Thanks for all you have offered in this informative blog.

  3. Mike says:

    Finally a common sense attitude to child filtering and someone who still has decent values and morals. I’m getting sick and tired of the anti-establishment Linux dev community telling parents they shouldn’t filter their kids’ internet in the name of freedom. I wish they’d grow up and have kids of their own. Is it any wonder Linux desktop is going nowhere and Windoze still rules the home. K9 guardian was a great program for windows, why can’t a clever nerdy Linux developer produce something similar, we don’t want to set up squid, proxies and Dans Guardian for goodness sake, we want simplicity. Sheesh!

    1. Alan says:

      Appreciate your frustration Mike, but let’s be fair; we can’t really complain about what other people aren’t building for us for free (especially if we call them nerds).

      Since writing this, I’ve discovered that Mageia has some decent (though maybe not quite feature-complete) parental controls built in. Check out Drakguard.

      Ultimately, we have to remember that free software happens when people who want something build it. Maybe it’s time I took another crack at it…

      1. Mike says:

        Who said it would be for free? That’s the point, nobody is saying that a decent, reliable parental filter should be developed for free. There are various business models like K9 and OpenDNS use, free basic version and paid better version. It appears after many, many years of Linux desktop development, nobody can be bothered to produce something, even a paid version. What does that say about the linux dev community in general, when there are thousands of programs for such niche features, that a major function like this has not been developed? In windoze there are dozens of such products. What gives? Not all of us are linux developers, some just users, some just parents. When you try to sell linux to other parents many refuse solely due to the lack of filters available. If devs were truly serious about getting people off windoze, as all their rhetoric over the years shows, they would get together and develop something for parents. Simple as that.
