[Exherbo-dev] Proper network sandboxing

Ali Polatel polatel at gmail.com
Tue Aug 25 23:09:20 BST 2009

Sterling X. Winter yazmış:
> On Tuesday 25 August 2009 01:57:03 pm Ali Polatel wrote:
> > This function needs some work, currently it only allows
> > and ::1 through.
> What, if anything, can Sydbox do about attempts to connect to various proxies 
> running on localhost? A few examples to consider are: Squid (often found on 
> port 8080); SOCKS (port 1080); Privoxy (port 8118 by default); Tor (port 9050 
> by default).

Good point. Network blacklisting is an idea to solve this.
It'll work just like path prefixes e.g:


To do this we have to take ports into account as well but that's easy.
What do you think?

Ali Polatel
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
URL: <http://lists.exherbo.org/pipermail/exherbo-dev/attachments/20090826/118e9658/attachment.pgp>

More information about the Exherbo-dev mailing list