On Saturday 2008-05-03 06:08, Benedikt Gollatz wrote: >On Friday 02 May 2008 16:01:29 you wrote: >> > If you don't trust an application to behave correctly, you also cannot >> > trust it not to use other applications via IPC to connect to the >> > Internet. >> >> But you can catch the fact that it does use IPC. > >How exactly would you do that? There are myriads of ways to do IPC. Security modules were meant to catch just that. To inhibit IPC, you could try Apparmor (dunno if it already handles all ipc cases). -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
