Nice info.  KISS (keep it simple, stupid) is a good principle for
security, as it is for many other things.  That's why LS is worth
money: someone is taking their time to sit down and think through
all the details and how they interact.

On Fri, 21 Oct 2005, LittleSnitch Support wrote:

> On Oct 19, 2005, at 21:10, Arno S Hautala wrote:
> > . . .
>
> The utility itself is not the security problem. As you say, it could
> be protected by the system by giving it the proper ownership and
> permissions so only the root user can use it.
>
> But the utility somehow has to communicate the configuration changes
> to LittleSnitch (the daemon, the kernel extension, the preference
> pane) - and this communication channel would be the weak point
> (howsoever this channel might be constructed, whether by
> inter-process communication or config file exchange).
>
> LittleSnitchCTL in a way suffers from the same problem: To use it,
> you have to enable the "access for assistive devices" in the
> "Universal Access" preferences, which itself opens a serious security
> hole. But LittleSnitchCTL needs some way to communicate with
> LittleSnitch - as any command line utility for changing the
> LittleSnitch configuration would need.
 . . . <and more interesting discussion snipped>
_______________________________________________
Littlesnitch-talk mailing list
Littlesnitch-talk@obdev.at
http://at.obdev.at/mailman/listinfo/littlesnitch-talk
