mobility and firewall
Travis Watkins
alleykat at gmail.com
Sat Jun 4 23:12:25 CDT 2005
On 6/4/05, Christoph Georgi <christoph.georgi at web.de> wrote:
>
>
> Michael R Head wrote:
> <snip>
> >>
> >>>$IPTABLES -A OUTPUT -p TCP --dport http -m owner --cmd-owner firefox -j
> >>>ACCEPT
> >>>
> >>>$IPTABLES -A OUTPUT -p TCP --dport http -m owner --cmd-owner firefox-bin
> >>>-j ACCEPT
> >>>
>
> <snip>
>
> >
> > Still, it's not very helpful unless it uses the full path to the
> > executable.
> >
> >
>
> AFAIK it's taking the process name of the running process as one can see
> it with 'netstat -p'. No full path required...
>
> christoph
> --
>
>
> Christoph Georgi
> -----------------------------
> email. christoph.georgi at web.de
> fon. +64 (0)9 815 8259
>
> registered linux user #380268
> ubuntu 5.04 (ubuntu.com)
>
What's to stop me from making a malicious program called 'firefox' then?
--
Travis Watkins
http://www.realistanew.com
More information about the ubuntu-devel
mailing list