There is by user and there is nothing that says mozilla can't be setuid allowhttp(A new account you create). However there is also protocol level identification, I can't find it now. It was a regex based filter for iptables that would let you say match all http that did not use ports.
--- Marc Demlenne <[EMAIL PROTECTED]> wrote: > Hi all, > > Is it possible, using iptables, to write a rule that match a paquet > depending on the program (or pid) which emitted it or is supposed to > receive it ? > > For example, i can block all traffic from my box to the outside world > except that which is in destination of port 80, allowing HTTP traffic. > But a trojan could still communicate with the outside if it communicates > with the port 80 of another box. > > Is it possible to limit a bit more the traffic to the only paquet which > are emitted from a web browser (say mozilla) and to dest-port 80 ? > > Would it be a good way to protect a box ? > > Thanks for all of your ideas. > > -- > Marc Demlenne > GPG : 768FA483 (www.keyserver.be) > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > __________________________________ Do you Yahoo!? Yahoo! Finance: Get your refund fast by filing online. http://taxes.yahoo.com/filing.html
