Re: block a program from access the Internet.

To: debian-user@lists.debian.org
Subject: Re: block a program from access the Internet.
From: Pascal Hambourg <pascal@plouf.fr.eu.org>
Date: Tue, 10 Sep 2013 00:54:08 +0200
Message-id: <[🔎] 522E5190.2010107@plouf.fr.eu.org>
In-reply-to: <[🔎] 522E1B76.2030302@gmail.com>
References: <[🔎] op.w25yatoae4gg2u@localhost> <[🔎] 522E1B76.2030302@gmail.com>

Lars Noodén a écrit :
> 
> Vincent's link suggests that --cmd-owner was removed from iptables
> entirely.

Actually it was removed from the kernel part of iptables, not from the
iptables userland.

> It would be important to find a more authoritative source on
> that like the netfilter list or the kernel list.

Is the Linux 2.6.14 changelog authoritative enough ?

commit 34b4a4a624bafe089107966a6c56d2a1aca026d4
Author: Christoph Hellwig <hch@lst.de>
Date:   Sun Aug 14 17:33:59 2005 -0700

    [NETFILTER]: Remove tasklist_lock abuse in ipt{,6}owner

    Rip out cmd/sid/pid matching since its unfixable broken and stands
    in the way of locking changes to tasklist_lock.

Reply to:

Follow-Ups:
- Re: block a program from access the Internet.
  - From: Lars Noodén <lars.nooden@gmail.com>

References:
- Re: block a program from access the Internet.
  - From: atar <atar.yosef@gmail.com>
- Re: block a program from access the Internet.
  - From: Lars Noodén <lars.nooden@gmail.com>

Prev by Date: Re: Changing pointer size in icewm
Next by Date: group share directory using ACL's
Previous by thread: Re: block a program from access the Internet.
Next by thread: Re: block a program from access the Internet.
Index(es):
- Date
- Thread