I'm working on a system for an engineer that is locked down, but not down to the server level -- meaning, it can run Xorg.
It will be primarily used inside a secure environment. This means that the built-in camera, sound in/out, and usb (et al.) are disabled and locked on the BIOS level and the modules removed from disk.
The engineer works at the command line and vim, but he does need access to a web browser.
It seems like overkill to install all of X and the GNOME 3 desktop environment to use a web browser, especially because it increases the amount of attack vectors when he is outside the secure environment.
A minimalist, lightweight window manager might do, but I'm really not sure which to choose. I'm interested in your opinions.
Links/Elinks can't be used. It's quite amazingly usable, but we can't use it for what we need it for. Something like NetSurf (running against the Framebuffer) might work. I'm in the process of tracking down dependencies for NetSurf, which runs against the Framebuffer. The build instructions are from 2010, and the libraries of Fedora 20 are considerably newer. Dunno if this is going to work.
What have admins had success with either on their own machines or deploying onto systems in this situation? Any advice?
[link][2 comments]