More to the point, implementing this would give snaps the ability to add
fine-grained network permissions for plugs, and this would suddenly make
snaps a very attractive alternative to Docker images for server apps. I
think this should be considered for priority.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/796588
Title:
Fine-grained network mediation
Status in AppArmor:
In Progress
Status in apparmor package in Ubuntu:
Triaged
Status in linux package in Ubuntu:
Triaged
Bug description:
Binary package hint: apparmor
This is a wishlist item / feature request.
Increase the granularity of network restrictions to allow
specification of which ports or ranges of ports can or can't be used
by an application. This functionality is available in systrace if
either the example or code would be of help:
http://en.wikipedia.org/wiki/Systrace
http://www.systrace.org/
To manage notifications about this bug go to:
https://bugs.launchpad.net/apparmor/+bug/796588/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp