opensnitch icon indicating copy to clipboard operation
opensnitch copied to clipboard
verified publisher icon evilsocket

No early start and long shutdown.

Open Barlet44 opened this issue 3 years ago • 3 comments

I noticed that the opensnitch does not start when initializing the OS. For example, tor manages to broadcast to the network before opensnitch fully load. Therefore, any malware also has this opportunity. This is a weak spot. Can you do something with this? I also noticed that the opensnitch interferes with normal PC shutdown. The shutdown occurs much longer with opensnicth than without it. It does not matter systemd or sysvinit. Can you do something with this also?

Barlet44 avatar Aug 09 '22 12:08 Barlet44

hi @Barlet44 , what distro are you using?

gustavo-iniguez-goya avatar Aug 09 '22 12:08 gustavo-iniguez-goya

Devuan 4.0 and Debian 11.

Barlet44 avatar Aug 09 '22 14:08 Barlet44

Reviewing this issue, we could make the daemon start on multi-user stage, as tor does:

cat /etc/systemd/system/multi-user.target.wants/tor.service
(...)
[Install]
WantedBy=multi-user.target

But there can be some nasty effects and others users may no want it: https://forums.linuxmint.com/viewtopic.php?p=2205991#p2205991

My personal opinion is that we should start the daemon as soon as possible.

gustavo-iniguez-goya avatar Sep 13 '22 11:09 gustavo-iniguez-goya