[Tails-dev] Please review feature/firewall_lockdown

Poista viesti

Vastaa
Lähettäjä: anonym
Päiväys:  
Vastaanottaja: The T(A)ILS public development discussion list
Aihe: [Tails-dev] Please review feature/firewall_lockdown
Please review and merge feature/firewall_lockdown, currently merged into
experimental. This time it should merge cleanly into devel.

This branch modified the firewall to use a white-list/principle of least
privelege approach for local services, so only users that reasonably
need access to e.g. Tor's SOCKS port have it. It also adds logging
(visiable in dmesg) for rejected packets, disables some unwanted
services that bloat that log (e.g. Pidgin's UPnP support), and makes
some local services IPv6 only to avoid duplication of white-list rules.

Cheers!