Default rule for "loginwindow" allows any connection
Posted: Sat Nov 05, 2011 10:07 pm
It seems to be a bit of an overkill to give full network access to the localwindow app by default. I'm not familiar with the protocols used during Mac OS X network user logins, but I guess the process uses at most only a few ports (if it's not just a single TCP port). It'd be even better if if this rule was a calculated one as well (like the default rule for the local network), ie. it'd only allow access for the loginwindow app to the login server that the given Mac is set to use.