Default rule for "loginwindow" allows any connection

General discussions about Little Snitch
Post Reply
muzso
Posts: 8
Joined: Tue Nov 01, 2011 11:56 pm

Default rule for "loginwindow" allows any connection

Post by muzso » Sat Nov 05, 2011 10:07 pm

It seems to be a bit of an overkill to give full network access to the localwindow app by default. :-o I'm not familiar with the protocols used during Mac OS X network user logins, but I guess the process uses at most only a few ports (if it's not just a single TCP port). It'd be even better if if this rule was a calculated one as well (like the default rule for the local network), ie. it'd only allow access for the loginwindow app to the login server that the given Mac is set to use.

muzso
Posts: 8
Joined: Tue Nov 01, 2011 11:56 pm

Re: Default rule for "loginwindow" allows any connection

Post by muzso » Sat Nov 05, 2011 10:16 pm

Never mind. Now I see that there're lots of default (protected) rules allowing full network access to various OS X services. Apparently LS applies an "opt-out" strategy (it causes less problems for users if the default rules are more permissive). Then I'll just set whatever I see fit. Sorry for posting without going over all the rules first.

Post Reply