like what progress and where to find it? Its being developed as part of the upstream apparmor project. The socket labeling portion has landed in ubuntu saucy. This does not allow for control based on ports or addresses but is the basis for that work.
So what is done is a base socket labeling on which other functionality can be based. The next step would be basic address/port binding (server setting up an address), and then send address mediation. This may happen for ipv4 (not ipv6) with in the next month as part of a dev preview to get feedback on the mediation approach. It is unlikely this will make it into saucy. Can we expect to have it in future? yes Does it make sense to use dev package that converges with future versions of ubuntu? yes. The apparmor project has a ppa that developments appear in once they reach a beta state. https://launchpad.net/~apparmor-dev/+archive/apparmor-devel Just anything. If i can find it somewhere else, a link would help me a lot. the places to watch are the apparmor mailing list (its mostly a devel list but also takes general questions) appar...@lists.ubuntu.com and of course you can always watch the ppa. I wouldn't recommend using the ppa on a production system, at least not upgrading everytime its updated. There are times its stable and other times its not -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/796588 Title: Limit inet and inet6 access by source or destination port To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/796588/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
