
Linux does do that, and has since kernel 2.2 or so; in fact, opensnitch is a user-mode process thanks to Linux allowing that, whereas Windows needed drivers last I checked (Win 2000 days, but the network driver model was still the same for Win 7 and even later, IIRC).


I never knew about that, thanks. I always believed one had to either resort to address/packet filtering at machine level or limit access to networking to a certain uid/gid, then run the software under those credentials. But that would defeat the purpose of allowing access while being warned about it, so that, for example, one could check if an application is really phoning home for innocuous updates or connecting to some shady addresses for unknown purposes.


Windows Filtering Platform also has a user mode component.


That's good to know.

Can it divert, modify and delay packets? Or just have a set of rules for go/no-go?


Not sure, as I never used it. The filter engine runs in user space and several behaviors can be implemented as COM instances.

https://docs.microsoft.com/en-us/windows/win32/fwp/windows-f...
