On Nov 11, 2003, at 7:05 PM, Matt Jaffa wrote: Do I really need to use Sockets and everything, All I want to do is have it where someone types in an internet address in any web browser on the computer, my app that is running behind the scenes will intercept any of those requests, and then if that address is in this database we have it will allow them to go there. At work we are just making this app to restrict others only to work related sites, so I quickly just want to make this thing. I just need to know how little snitch, intercepts the http(port 80) request and then after allowing it, the web browser shows it. On Nov 11, 2003, at 10:04 PM, Matt Jaffa wrote: The Problem with a web proxy is all you have to change the web proxy settings around and disable the blocks on the other ips and ports. Yes the people who use these computers will have sudo access, but if I design my app, then it will be able to have a non-sudo password associated with it, that they will create when installing my app. Just re-reading things... your application will have a non-sudo password associated with it? I don't follow this. Regardless your application, kext, etc. can be removed using sudo if the user has "admin" privileges on the system. You cannot prevent that. It would be trivial to bypass this. Again the only real solution to this is to firewall the internal network from the external world, blocking all ports (or at least the ones you care about). Then only allow access to websites via a web proxy that has a privileged way through the firewall. Using filtering in web proxy as needed. -Shawn _______________________________________________ darwin-kernel mailing list | darwin-kernel@lists.apple.com Help/Unsubscribe/Archives: http://www.lists.apple.com/mailman/listinfo/darwin-kernel Do not post admin requests to the list. They will be ignored.