could you add this feature or discuss it at 13.04 Developer Summit?
Matthew Paul Thomas
mpt at canonical.com
Thu Oct 18 08:10:26 UTC 2012
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Nicolas Michel wrote on 17/10/12 07:23:
>
> I think what Brian wants (correct me if not) is an application
> level firewall. On Windows most antivirus do it : you get a popup
> when an application try to access something you didn't already
> allowed to. I think what should be done is an AppArmor graphical
> frontend (with notifications).
If anyone would like to implement that, here's a design I prepared
earlier. <https://wiki.ubuntu.com/Networking#firewall>
However, Brian specifically mentioned "the logging features of the
application-firewall", not just the firewall itself.
> ...
>
> But honestly, Linux is not Windows Brian. Every application is
> open-source (except if you installed a propriatary app from the
> net). It means from a security point of view that everyone can
> read the source code (it he has the skill) and see what the
> application do exactly.
As Ma pointed out, this is less true as USC sells more proprietary
applications. Even if it was true, though, I expect it would be much
easier to figure out what a program is doing network-wise by running
something like wireshark, than by reading the source code for the
application and all its dependencies.
- --
mpt
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://www.enigmail.net/
iEYEARECAAYFAlB/uXIACgkQ6PUxNfU6ecqjuQCgpKCoOsdzbFvotkeXoysLAFA7
VAIAnRxRkP9zFdCKsjBmeCKmFVaAW518
=HcXw
-----END PGP SIGNATURE-----
More information about the Ubuntu-devel-discuss
mailing list