Recently I had a couple of instances of programs sending data (copies of some of my config files) out over the net. I consider this very bad form on behalf of the writers, and I want to prevent it happening in future.
One example was a program that had a command line diagnostic utility. When I ran it, it immediately gathered up a bunch of info, not only the program's own config, but the system as well, and uploaded them to a server. Some of those files might have contained data like usernames and passwords.
So, like in Windows, I would like a program that warns me when another program tries to send data, or even initiate communication over the net, without my knowledge. Ideally then I can whitelist only the programs I want to allow to do this, and the rest will be prevented by default.
Edit: I found a web page from 2007 that talks about this here
They mention three programs (Systrace, Tuxguardian and Program Guard) that used to exist, but I suspect cannot be used with the new kernels and distributions like Ubuntu any more.
I don't believe there's a simple, non-technical solution. That said, if you're willing to get your hands dirty, read on.
Ubuntu uses a permissions framework called AppArmor, in which each application has a "profile" that defines what it is allowed to do. If you have administrator privileges, you can edit AppArmor profiles to allow applications on your system to do less. You can also create restrictive profiles for binaries that don't have them. Profiles are stored in `/etc/apparmor.d/`. You'll want to read the AppArmor Profile Language Guide and Ubuntu Community Documentation. In essence, however, you want to remove all `network` permissions, and then put all profiles into "complain" mode so you know when they're trying to do networking with:
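Added example, not part of the original answer: in complain mode AppArmor logs operations a profile does not permit with `apparmor="ALLOWED"`, and socket events carry `family` and `sock_type` fields. This Python script picks those network events out of audit lines and groups them by profile; the sample log lines, profile names and function names are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample lines in the kernel audit format AppArmor writes to the
# system log; profile names, pids and timestamps are made up.
SAMPLE_LOG = """\
audit: type=1400 audit(1700000000.101:41): apparmor="ALLOWED" operation="create" profile="/usr/bin/diagtool" pid=4101 comm="diagtool" family="inet" sock_type="stream" protocol=6 requested_mask="create" denied_mask="create"
audit: type=1400 audit(1700000000.102:42): apparmor="ALLOWED" operation="connect" profile="/usr/bin/diagtool" pid=4101 comm="diagtool" family="inet" sock_type="stream" protocol=6 requested_mask="connect" denied_mask="connect"
audit: type=1400 audit(1700000000.200:43): apparmor="ALLOWED" operation="open" profile="/usr/bin/diagtool" pid=4101 comm="diagtool" name="/etc/passwd" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
audit: type=1400 audit(1700000000.300:44): apparmor="DENIED" operation="create" profile="/usr/bin/editor" pid=4200 comm="editor" family="inet6" sock_type="dgram" protocol=17 requested_mask="create" denied_mask="create"
audit: type=1400 audit(1700000000.400:45): apparmor="STATUS" operation="profile_load" profile="unconfined" name="/usr/bin/editor" pid=4300 comm="apparmor_parser"
"""

# key=value or key="quoted value" pairs
FIELD = re.compile(r'(\w+)=("([^"]*)"|\S+)')


def parse_fields(line):
    """Split one audit line into a dict of key -> value (quotes stripped)."""
    return {k: (q if raw.startswith('"') else raw)
            for k, raw, q in FIELD.findall(line)}


def network_attempts(log_text):
    """Return {profile: sorted list of (verdict, operation, family, sock_type)}.

    Only events that carry a socket family are network events; file access
    and status messages are skipped.
    """
    seen = defaultdict(set)
    for line in log_text.splitlines():
        f = parse_fields(line)
        if f.get("apparmor") not in ("ALLOWED", "DENIED") or "family" not in f:
            continue
        seen[f.get("profile", "?")].add(
            (f["apparmor"], f.get("operation", "?"),
             f["family"], f.get("sock_type", "?")))
    return {profile: sorted(events) for profile, events in seen.items()}


if __name__ == "__main__":
    for profile, events in network_attempts(SAMPLE_LOG).items():
        for verdict, op, family, sock in events:
            print(f"{profile}: {verdict} {op} {family}/{sock}")
```

`ALLOWED` entries mean the operation went through and was only logged; `DENIED` entries come from profiles in enforce mode.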