[Fed-Talk] Leopard's firewall explained
[Fed-Talk] Leopard's firewall explained
- Subject: [Fed-Talk] Leopard's firewall explained
- From: Todd Heberlein <email@hidden>
- Date: Fri, 9 Nov 2007 10:12:47 -0800
Apple has posted some notes which explains how Apple approached their
firewall interface in Leopard. To me and others who have been raised
on setting firewall ports, Apple's strategy is very counterintuitive.
In short, instead of being port-centric, Apple's firewall
configuration is application-centric.
"The Firewall in Leopard is an Application Firewall. This type of
firewall allows you to control connections on a per-application
basis, rather than a per-port basis. This makes it easier for non-
experts to gain the benefits of firewall protection and helps prevent
undesirable applications from taking control of network ports that
have been opened for legitimate applications."
...
"Once you've added an application to the list, you can choose whether
to allow or deny incoming connections for that application. You can
even add command line applications to this list.
When you add an application to this list, Mac OS X digitally signs
the application (if it has not been signed already). If the
application is modified, you will be prompted to allow or deny
incoming network connections to it. Most applications do not modify
themselves, and this is a safety feature that notifies you of the
change."
http://docs.info.apple.com/article.html?artnum=306938
Todd
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden