Re: Which Debian packages leak information to the network?

[Elmar Stellnberger <estellnb@gmail.com>]

Am 2016-05-20 um 10:34 schrieb donoban:
> I am running Debian on Qubes OS, I use gnome-calculator on a vault
> domain (a VM without any network device) because I though it does not
> need Internet or data/files from another domain. So without any
> knowledge I was protecting myself from this privacy leak...
>
> Maybe Debian should adopt a strong policy about what packages should
> have Internet access and what does not... All packages not supposed to
> have Internet access will be blocked by firewall or a similar approach
> (probably some kind of whitelist).

  Well, in order to block network access for individual apps you would 
need something like SELinux. However I do not know abouot the 
availability of security profiles for all such apps, neither do I know 
about a convenient tool to browse such profiles f.i. in order to see 
whehther a given app is allowed to access the network.