-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Nicolas Michel wrote on 17/10/12 07:23: > > I think what Brian wants (correct me if not) is an application > level firewall. On Windows most antivirus do it : you get a popup > when an application try to access something you didn't already > allowed to. I think what should be done is an AppArmor graphical > frontend (with notifications).
If anyone would like to implement that, here's a design I prepared earlier. <https://wiki.ubuntu.com/Networking#firewall> However, Brian specifically mentioned "the logging features of the application-firewall", not just the firewall itself. > ... > > But honestly, Linux is not Windows Brian. Every application is > open-source (except if you installed a propriatary app from the > net). It means from a security point of view that everyone can > read the source code (it he has the skill) and see what the > application do exactly. As Ma pointed out, this is less true as USC sells more proprietary applications. Even if it was true, though, I expect it would be much easier to figure out what a program is doing network-wise by running something like wireshark, than by reading the source code for the application and all its dependencies. - -- mpt -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://www.enigmail.net/ iEYEARECAAYFAlB/uXIACgkQ6PUxNfU6ecqjuQCgpKCoOsdzbFvotkeXoysLAFA7 VAIAnRxRkP9zFdCKsjBmeCKmFVaAW518 =HcXw -----END PGP SIGNATURE----- -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
