[Exherbo-dev] Proper network sandboxing
ciaran.mccreesh at googlemail.com
Tue Aug 25 23:28:17 BST 2009
On Wed, 26 Aug 2009 01:25:55 +0300
Ali Polatel <polatel at gmail.com> wrote:
> In my opinion the easiest and cleanest way to implement this is
> network whitelisting. Which may work like:
> sydboxcmd net/deny # somewhere in ebuild.bash
> sydboxcmd net/whitelist/127.0.0.1:80 # in for example src_test
> which means we'll deny all network connections by default and let the
> exheres author allow them as she/he wishes.
> What do you think?
Do tests typically use a fixed port, or do they pick a random
'available' port and use that?
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 198 bytes
Desc: not available
More information about the Exherbo-dev