General discussions about Little Snitch
2 posts • Page 1 of 1
It seems to be a bit of an overkill to give full network access to the localwindow app by default. I'm not familiar with the protocols used during Mac OS X network user logins, but I guess the process uses at most only a few ports (if it's not just a single TCP port). It'd be even better if if this rule was a calculated one as well (like the default rule for the local network), ie. it'd only allow access for the loginwindow app to the login server that the given Mac is set to use.
Never mind. Now I see that there're lots of default (protected) rules allowing full network access to various OS X services. Apparently LS applies an "opt-out" strategy (it causes less problems for users if the default rules are more permissive). Then I'll just set whatever I see fit. Sorry for posting without going over all the rules first.