Apps can bypass droidwalls whitelist if started before droidwall upon boot

[GoogleCodeExporter]

What steps will reproduce the problem?

For more information: 
http://androidunderground.blogspot.com/2011/06/lookout-opens-unwanted-data-conne
ctions.html

What is the expected output? What do you see instead?

I expect the default mode for IPTABLES to be DROP instead of ACCEPT even for 
the brief moment before droidwall has successfully started up upon boot.

Please provide any additional information below.

Since root is needed (in order to use droidwall) it would be nice if droidwall 
could create some sort of script that is runned before any app is allowed to 
start (when the device boots up) so that the default (when whitelist is 
enabled) would be something like:

# Policy for chains DROP everything.
iptables -P INPUT DROP
iptables -P OUTPUT DROP
iptables -P FORWARD DROP

This would stop the leakage described in the url above.

Original issue reported on code.google.com by apac...@gmail.com on 28 Jan 2012 at 10:46

[GoogleCodeExporter]

init.d ?

Original comment by axel.how...@yopmail.com on 31 Jan 2012 at 12:18

[GoogleCodeExporter]

(there is already an issue like this hidden somewhere)

this is NOT a droidwall defect

Original comment by axel.how...@yopmail.com on 31 Jan 2012 at 12:25