Mailinglist Archive: opensuse (1332 mails)

["Carlos E. R." <robin.listas@xxxxxxxxxxxxxx>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1



On Wednesday, 2009-05-06 at 22:21 +0200, Anders Johansson wrote:

> On Wednesday 06 May 2009 21:40:49 Carlos E. R. wrote:
> > But the packets are not linked to apps
>
> Network packets? Depends on when you look at them. Once they've passed down
> the protocol stack that is perfectly true, but why wait that long. You could
> prevent the application from calling the syscalls to open a socket in the
> first place

Ah, interesting.
But, are there any plans of implementing such a thing? Apparmour could 
perhaps be modified to look at that.


> > Thus the popup message given in Windows is not possible here, the firewall
> > works very differently.
>
> If you restrict yourself to iptables, that may be. But why do that.
>
> Still, I'm not sure if the desired security model you're aiming for here is
> something to be desired

Which one, that of popping up messages to ask the user for permission to 
open ports? No, I'm not proposing that, it is somebody else.

- -- 
Cheers,
       Carlos E. R.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (GNU/Linux)

iEYEARECAAYFAkoB9YIACgkQtTMYHG2NR9XGGwCeNLaoMp6aUyW53rW1QR7PAkH4
kWAAniIfkZ+PZkeqbYesNWdi/IMVpDsz
=UYhn
-----END PGP SIGNATURE-----
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx