On Thursday 07 May 2009 05:05:57 pm Carlos E. R. wrote:
On Thursday, 2009-05-07 at 12:00 -0700, Prasun Dhara wrote:
"..but port open/closing is **NOT** to be done at run time."
-----> Say for example one application needs the open port once in a day for communicating.would it be better to keep a port open for ever after installation even if it is not needed??
Yes, in Linux the port is normally opened on the firewall at all times.
So, when I install something that in my opinion has to loose understanding of security, I should live with it. No, so what I do? Remove Internet only for that application. How do I do that? AppArmor is designed to do that, but setup is somewhat perplexed with language that for sure many professionals will not understand at once. Basically there is no need to invent new application, but to make instructions for AppArmor sound somewhat lesser scientific, and maybe it should appear on its own and ask a question, instead to hide itself in YaST. -- Regards, Rajko http://news.opensuse.org/category/people-of-opensuse/ -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org