On Thursday, October 06, 2005, at 10:45AM, David F. Bills <[EMAIL PROTECTED]> wrote:
>I assume you've all seen this as well?
>
>http://www.macosxhints.com/article.php?story=20051001212614184&lsrc=osxh

Well, yeah. I suppose I had a hand in creating it. Well, the initial investigation and testing anyway.

If it turns out that this vulnerability is due to a Tiger change I'll still be a bit concerned as to why it wasn't disclosed. Anyway, when the dev gets back from vacation we'll get answers :)

And in response to the LS Support response:

>Unfortunately I can not give detailed technical answers to the questions
>raised in this thread. The developer who's coding LittleSnitch is on vacation
>currently - he can and will give the answers you're entitled to get as soon as
>he's back.

Ah, good to hear. I look forward to the response.

>But I definitely want to make clear, that Objective Development is concerned
>about these security issues and we _are_ thinking about better ways to protect
>LittleSnitch from being bypassed. I just want to make sure nobody thinks we
>simply don't care about the worries that arose here.

Also good to hear.

>LittleSnitch 1.1.1 contained code protecting the daemon against being killed.
>Unfortunately the kernel extension structure in Tiger changed quite heavily
>and lacks that possibility. So we're looking for other ways to protect
>LittleSnitch and will address this issue in an upcoming release.

Well, this is confusing. I can understand protecting LS, but it still seems a bit suspect. Especially the methods. I'd like to know in what ways LS ignores kill signals. Especially the un-ignorable SIGKILL.

Presumably the dev will be able to answer my questions more thoroughly and I look forward to that interchange.

Thanks for the response.

--
-- arno s hautala /-\ [EMAIL PROTECTED] --
--
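The SIGKILL point raised in the message above, as an added example (not part of the original message and not Little Snitch code): a user-space process can ignore SIGTERM, but the kernel refuses any attempt to ignore SIGKILL, so signal handling alone cannot keep a daemon alive. The function `probe_kill_protection` and the struct `probe_result` are hypothetical names, and the forked child is only a stand-in for a daemon.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <signal.h>
#include <stdio.h>
#include <sys/wait.h>
#include <time.h>
#include <unistd.h>

struct probe_result {
    int ignore_sigkill_errno; /* errno from trying to ignore SIGKILL in the child */
    int survived_sigterm;     /* 1 if the child was still running after SIGTERM */
    int death_signal;         /* signal that finally terminated the child */
};

/* Fork a stand-in "daemon" that ignores SIGTERM and tries to ignore SIGKILL,
 * then signal it from the parent and record what happens. Returns 0 on success. */
int probe_kill_protection(struct probe_result *out)
{
    int pfd[2], status;
    struct timespec settle = {0, 200000000L};    /* 200 ms */
    if (pipe(pfd) != 0) return -1;
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {                              /* child: the stand-in daemon */
        close(pfd[0]);
        signal(SIGTERM, SIG_IGN);                /* permitted by the kernel */
        errno = 0;
        int err = (signal(SIGKILL, SIG_IGN) == SIG_ERR) ? errno : 0;
        if (write(pfd[1], &err, sizeof err) != (ssize_t)sizeof err) _exit(1);
        for (;;) pause();                        /* idle until killed */
    }
    close(pfd[1]);                               /* parent: wait for child's report */
    if (read(pfd[0], &out->ignore_sigkill_errno, sizeof(int)) != (ssize_t)sizeof(int)) return -1;
    close(pfd[0]);
    kill(pid, SIGTERM);                          /* ignored by the child */
    nanosleep(&settle, NULL);                    /* give delivery time to happen */
    out->survived_sigterm = (waitpid(pid, &status, WNOHANG) == 0);
    kill(pid, SIGKILL);                          /* cannot be caught, blocked or ignored */
    if (waitpid(pid, &status, 0) != pid) return -1;
    out->death_signal = WIFSIGNALED(status) ? WTERMSIG(status) : 0;
    return 0;
}

int main(void)
{
    struct probe_result r;
    if (probe_kill_protection(&r) != 0) return 1;
    printf("ignore SIGKILL errno=%d, survived SIGTERM=%d, killed by signal %d\n",
           r.ignore_sigkill_errno, r.survived_sigterm, r.death_signal);
    return 0;
}
```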
