could you add this feature or discuss it at 13.04 Developer Summit?

Matthew Paul Thomas mpt at
Thu Oct 18 08:10:26 UTC 2012

Hash: SHA1

Nicolas Michel wrote on 17/10/12 07:23:
> I think what Brian wants (correct me if not) is an application 
> level firewall. On Windows most antivirus do it : you get a popup 
> when an application try to access something you didn't already 
> allowed to. I think what should be done is an AppArmor graphical 
> frontend (with notifications).

If anyone would like to implement that, here's a design I prepared
earlier. <>

However, Brian specifically mentioned "the logging features of the
application-firewall", not just the firewall itself.

> ...
> But honestly, Linux is not Windows Brian. Every application is 
> open-source (except if you installed a propriatary app from the 
> net). It means from a security point of view that everyone can
> read the source code (it he has the skill)  and see what the
> application do exactly.

As Ma pointed out, this is less true as USC sells more proprietary
applications. Even if it was true, though, I expect it would be much
easier to figure out what a program is doing network-wise by running
something like wireshark, than by reading the source code for the
application and all its dependencies.

- -- 

Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla -


More information about the Ubuntu-devel-discuss mailing list