begin quoting Gregory K. Ruiz-Ade as of Mon, May 12, 2008 at 03:05:31PM -0700:
> On May 12, 2008, at 1:41 PM, SJS wrote:
>
> >Of course, a lot of software complains and dies if it can't talk to
> >the mothership; and then there's the ever-present problem of a
> >misclick turning off ALL access...
>
> You can always go into the rule editor and fix mistakes later.

Yup. And you can disable the hit-return-to-accept, which helps take
care of the multi-tasking problem (Wait! What did I just agree to?)
that the OS ought to be preventing (theft of input focus is evil and
ought not to be allowed).

> >My only complaint with little snitch is that I can't set the defaults
> >on my own. And that there isn't (to my knowledge) a linux variant.
>
> Well, basically Little Snitch creates outbound firewall rules tied to
> applications. You can do the same thing by hand with iptables, I
> think (or can you only tie to a running process/user?). The trick is

I've never seen iptables tied to applications or users. But then, it's
been a LONG time since I've played with iptables.

> the GUI component, and a little Tcl/Tk (or Perl/Tk) could handle
> that. Might not integrate perfectly with the GNOME/KDE desktop stuffs
> easily, but that's version 0.2, right?

Are those hooks really in place for that sort of thing? Aside from
wedging some code of your own into the appropriate open() syscall.

--
If you're playing with the syscall, you might not need iptables.
Stewart Stremler

--
[email protected]
http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
