Drop has two network modes:
- isolated, where outgoing traffic is allowed, but not to services that run on the host, with configuration options to allow connections to selected services on the host.
- off, where no outgoing traffic is allowed.
Of course, all Drop traffic is already filtered by the host firewall according to the host rules, but such global filtering is very limiting. For example, to be able to use a web browser effectively on a machine, all outgoing HTTPS connections need to be allowed, but then all sandboxed programs running in the isolated network mode are also able to make HTTPS connections to any destination.
A much more flexible approach would be to support firewall rules that apply to Drop environments only. A generic set of rules could be loaded from a shared base.toml config file, and environment-specific rules from per-environment ENVID.toml config files.
The absolute killer feature would be for the firewall to support an interactive mode: prompt the user when a connection attempt is made, and ask whether to allow, deny, always allow, or always deny the connection. The user usually knows what is executed in the sandbox and whether a connection to a given host makes sense in a given context. This should help to detect situations where a compromised library or an LLM-injected prompt phones home.