I am wondering if it would be possible to add simple, app-specific firewall rules in GOS in the same way that storage scopes, contact scopes, etc are implemented. Allowing for simple IP traffic filtering rules would be a really neat and welcome feature for certain apps that, for instance, need to access a device at a specific ip on a local network, but shouldnt be able to access the internet, other devices on local net, etc. Other desktop operating systems usually implement this kind of thing, but im not aware of any option in GOS. Thanks!

This can be done with an app implementing that. It's not something that would really be added to GrapheneOS as it doesn't actually provide any concrete security benefits. This kind of badness enumeration would only give people a false sense of security.

There are improvements that the team wants to make to the network permission, however, with the main one being separating the toggle into Internet access and localhost.

    5 months later

    matchboxbananasynergy

    "There are improvements that the team wants to make to the network permission, however, with the main one being separating the toggle into Internet access and localhost."

    But isnt loclhost essentuially loopback, not lan..?