Fix incorrect link Datura Firewall (#605)

This commit is contained in:
Daniel Gray 2022-02-10 13:23:17 +00:00
parent 6c7be4e726
commit d6c789c3f9
No known key found for this signature in database
GPG Key ID: 41911F722B0F9AE3

View File

@ -138,7 +138,7 @@ We have these general tips:
<p>GrapheneOS extends the <a href="/android/#android-security-privacy">user profile</a> feature allowing a user to press an "End Session" button. This button clears the encryption key from memory. There are plans to add a <a href="https://github.com/GrapheneOS/os-issue-tracker/issues/88">cross profile notifications system</a> in the future.</p> <p>GrapheneOS extends the <a href="/android/#android-security-privacy">user profile</a> feature allowing a user to press an "End Session" button. This button clears the encryption key from memory. There are plans to add a <a href="https://github.com/GrapheneOS/os-issue-tracker/issues/88">cross profile notifications system</a> in the future.</p>
<h5><strong>INTERNET permission vs packet filtering</strong></h5> <h5><strong>INTERNET permission vs packet filtering</strong></h5>
<p><a href="https://en.wikipedia.org/wiki/Firewall_(computing)#Packet_filter">Packet filter</a> based solutions such <a href="/android/#graphene-calyxos">Datura Firewall</a>, <a href="https://gitlab.com/LineageOS/issues/android/-/issues/3228">LineageOS</a> (DivestOS), AFWall+ and NetGuard, are not ideal as they can leak and don't prevent an app from proxying a network request through another app using an <a href="https://developer.android.com/guide/components/intents-filters">intent</a>.</p> <p><a href="https://en.wikipedia.org/wiki/Firewall_(computing)#Packet_filter">Packet filter</a> based solutions such <a href="https://calyxos.org/docs/tech/datura-details">Datura Firewall</a>, <a href="https://gitlab.com/LineageOS/issues/android/-/issues/3228">LineageOS</a> (DivestOS), AFWall+ and NetGuard, are not ideal as they can leak and don't prevent an app from proxying a network request through another app using an <a href="https://developer.android.com/guide/components/intents-filters">intent</a>.</p>
<p>Android has a built-in <a href="https://developer.android.com/training/basics/network-ops/connecting"><code>INTERNET</code></a> permission. This is enforced by the operating system. On AOSP and most of its derivatives, it is treated as an install time permission. GrapheneOS changes it to <a href="https://en.wikipedia.org/wiki/Runtime_(program_lifecycle_phase)">runtime</a> permission, meaning that it can be revoked to deny internet access to a specific app.</p> <p>Android has a built-in <a href="https://developer.android.com/training/basics/network-ops/connecting"><code>INTERNET</code></a> permission. This is enforced by the operating system. On AOSP and most of its derivatives, it is treated as an install time permission. GrapheneOS changes it to <a href="https://en.wikipedia.org/wiki/Runtime_(program_lifecycle_phase)">runtime</a> permission, meaning that it can be revoked to deny internet access to a specific app.</p>