More to the point, implementing this would give snaps the ability to add fine-grained network permissions for plugs, and this would suddenly make snaps a very attractive alternative to Docker images for server apps. I think this should be considered for priority.
-- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/796588 Title: Fine-grained network mediation Status in AppArmor: In Progress Status in apparmor package in Ubuntu: Triaged Status in linux package in Ubuntu: Triaged Bug description: Binary package hint: apparmor This is a wishlist item / feature request. Increase the granularity of network restrictions to allow specification of which ports or ranges of ports can or can't be used by an application. This functionality is available in systrace if either the example or code would be of help: http://en.wikipedia.org/wiki/Systrace http://www.systrace.org/ To manage notifications about this bug go to: https://bugs.launchpad.net/apparmor/+bug/796588/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
