From f3fe1e1d450b51b0aae93f3f9c97f2a54c51511c Mon Sep 17 00:00:00 2001 From: Daniel Micay Date: Mon, 2 Mar 2020 06:37:00 -0500 Subject: [PATCH] add initial firewall section to FAQ --- static/faq.html | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/static/faq.html b/static/faq.html index f50e420f..fed69b96 100644 --- a/static/faq.html +++ b/static/faq.html @@ -77,6 +77,7 @@
  • What kind of VPN and Tor support is available?
  • Can apps monitor network connections or statistics?
    • +
  • Does GrapheneOS provide a firewall?
  • @@ -486,6 +487,23 @@

    This was previously part of the GrapheneOS privacy improvements, but became a standard Android feature with Android 10.

    +

    + Does GrapheneOS provide a firewall? +

    + +

    Yes, GrapheneOS inherits the deeply integrated firewall from the Android Open + Source Project, which is used to implement portions of the security model and various + other features. The GrapheneOS project historically made various improvements to the + firewall but over time most of these changes were been integrated upstream or became + irrelevant.

    + +

    GrapheneOS adds a user-facing Network permission toggle providing a robust way to + deny both direct and indirect network access to applications. It builds upon the + standard non-user-facing INTERNET permission, so it's already fully adopted by the app + ecosystem. Revoking the permission denies indirect access via OS components and apps + enforcing the INTERNET permission, such as DownloadManager. Direct access is denied + by blocking low-level network socket access.

    +

    Day to day use