Re: forbid internet access to an application?
- From: Unruh <unruh-spam@xxxxxxxxxxxxxx>
- Date: Sun, 27 May 2007 23:41:53 GMT
Allen Kistler <ackistler@xxxxxxxxx> writes:
lucatrv wrote:
Hi, I'd like to ask if it's possible to restrict access to the internet to
an application (i.e. the list of files which belongs to a package).
Under windows there are plenty of firewall programs, which make you decide
if an application should access the internet or not.
That would of course be entirely trivial to evade. Just make a hard link to
the program with a different name.
It is like denying access to a building to anyone who says their name is John.
How long would that be effective?
If you told us which program you wanted to restrict, then we could perhaps
give better advice.
I looked on internet and didn't find anything similar under linux. For what
I could understand, neither apparmor or selinux can do that...
The netfilter owner module can accomplish this objective (according to.
the man page, though I've never used it). The switch you want is
--cmd-owner, however the man page also states that cmd matching is
broken on SMP machines. YMMV
- Follow-Ups:
- Re: forbid internet access to an application?
- From: lucatrv
- Re: forbid internet access to an application?
- References:
- forbid internet access to an application?
- From: lucatrv
- Re: forbid internet access to an application?
- From: Allen Kistler
- forbid internet access to an application?
- Prev by Date: Stats comp.os.linux.networking (last 7 days)
- Next by Date: Re: forbid internet access to an application?
- Previous by thread: Re: forbid internet access to an application?
- Next by thread: Re: forbid internet access to an application?
- Index(es):
Relevant Pages
|
