Simplewall: Suggestion: Remove the permanent whitelisting of simplewall itself--let the user decide
simplewall 2.1.4
Could you make simplewall more transparent about how it gives itself exemption from blocking by removing the following line in main.cpp:
2988 error_count += !_wfp_createrulefilter (nullptr, nullptr, app.GetBinaryPath (), DirBoth, nullptr, 0, AF_UNSPEC, false, FILTER_WEIGHT_APPLICATION, false);
Instead, could you just add simplewall's file executable as a default Allowed app the first time you install/run simplewall.
xEBFE
All 2 comments
Why? simplewall does not make any connect without user decision (update checking, dns resolution... except #94 certificate chain verification bug, it's fixed, but not yet released ;).
henrypp
on 30 Nov 2017
I understand your point. However, I think it's a matter of just being transparent with users of simplewall. As there is no mention of itself being exempt from blocking. It wasn't until I added the simplewall process to the Blocked apps and tried updating (Help > Check for updates) and no notification popped up that I realized there was some self exemption going on. By adding simplewall (by default after an install) to the Allowed apps you're letting them know that simplewall itself plays by it's own rules.
xEBFE
on 30 Nov 2017
Related issues
ltGuillaume
路
3Comments
geonanorch
路
3Comments
p-groarke
路
4Comments
Radagast
路
4Comments
UNDEFINED-BEHAVIOR
路
4Comments
Most helpful comment
I understand your point. However, I think it's a matter of just being transparent with users of simplewall. As there is no mention of itself being exempt from blocking. It wasn't until I added the simplewall process to the Blocked apps and tried updating (Help > Check for updates) and no notification popped up that I realized there was some self exemption going on. By adding simplewall (by default after an install) to the Allowed apps you're letting them know that simplewall itself plays by it's own rules.