On Fri, 4 May 2012 07:27:35 +0200 "Fabio Pietrosanti (naif)" <[email protected]> wrote:
> > Any potential DNS-leakage can be prevented with iptables (Debian GNU/Linux
> > way):
>
> Well, this can also be prevented if the "starter" of TBB would be a
> binary/executable rather than a shell script, and that binary executable
> would provide an "LD_PRELOAD" tsocks-like approach wrapping the connect().
>
> That way the entire TBB will run over the TBB_STARTER, which will provide
> an "application-level" firewall that would prevent any kind of socket
> API from getting out directly.
>
> -naif

An "application-level" firewall is an illusion of security. Processes can be
separated by owners with users and groups, but programs themselves cannot be
authenticated to iptables. That's a reason to exclude the "application-level"
firewall options --owner --cmd-owner <program-name> from the kernel iptables
modules.

A stronger way to manage network connections associated with programs is
SELinux security contexts or similar security modules. Even path-based ACLs
and MACs such as AppArmor can be avoided and fail, and only strong security
context isolation in SELinux is the right decision.

Or just simply use system groups with iptables: not so secure, not so strong.

_______________________________________________
tor-talk mailing list
[email protected]
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
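The connect()-wrapping starter naif proposes, as an added example that is not code from the thread, from TBB or from tsocks: a policy that admits only the local SOCKS port (9050 and the AF_UNIX allowance are assumptions), with the gaps the reply calls out noted in the comments.

```c
/* Added example (not from the thread): LD_PRELOAD connect() wrapper of the
 * kind naif describes. Assumed policy: only IPv4 loopback to port 9050 (an
 * assumed Tor SOCKS port) is allowed; e.g. a resolver at 8.8.8.8:53 is refused. */
#define _GNU_SOURCE
#include <arpa/inet.h>
#include <errno.h>
#include <netinet/in.h>
#include <stdint.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/syscall.h>
#include <unistd.h>

#define TBB_SOCKS_PORT 9050   /* assumption: local Tor SOCKS listener */

/* Policy check: 1 = destination allowed, 0 = refused. */
int tbb_connect_allowed(const struct sockaddr *addr, socklen_t len)
{
    if (addr == NULL)
        return 0;
    if (addr->sa_family == AF_UNIX)       /* local IPC such as X11 or D-Bus */
        return 1;
    if (addr->sa_family == AF_INET && len >= sizeof(struct sockaddr_in)) {
        struct sockaddr_in in4;
        memcpy(&in4, addr, sizeof in4);   /* copy: no unaligned access */
        return (ntohl(in4.sin_addr.s_addr) >> 24) == 127
            && ntohs(in4.sin_port) == TBB_SOCKS_PORT;
    }
    return 0;                             /* IPv6 or unknown family: refuse */
}

/* Interposed connect(): refuse with EPERM or forward via the raw syscall (no
 * libdl needed). That is also the gap the reply points at: a static binary,
 * or one issuing the syscall itself, never sees this wrapper, and UDP sent
 * with sendto() is not covered at all, so DNS still needs iptables. */
int connect(int fd, const struct sockaddr *addr, socklen_t len)
{
    if (!tbb_connect_allowed(addr, len)) {
        errno = EPERM;
        return -1;
    }
    return (int)syscall(SYS_connect, fd, addr, len);
}
/* Helper: build an IPv4 destination and ask the policy. */
int tbb_ipv4_allowed(const char *ip, uint16_t port)
{
    struct sockaddr_in in4 = { .sin_family = AF_INET, .sin_port = htons(port) };
    return inet_pton(AF_INET, ip, &in4.sin_addr) == 1
        && tbb_connect_allowed((const struct sockaddr *)&in4, sizeof in4);
}
```

Build with `gcc -shared -fPIC -o tbb_fw.so tbb_fw.c` and start the browser with `LD_PRELOAD=./tbb_fw.so`; the kernel-level iptables rules from the quoted message remain the backstop for everything the wrapper cannot see.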
