From nobody Tue Mar 10 10:57:59 2026 X-Original-To: questions@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4fVW7t56QBz6VRbx for ; Tue, 10 Mar 2026 10:58:18 +0000 (UTC) (envelope-from ralf-mardorf@riseup.net) Received: from mx1.riseup.net (mx1.riseup.net [198.252.153.129]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "mx1.riseup.net", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4fVW7t1t77z44R6 for ; Tue, 10 Mar 2026 10:58:18 +0000 (UTC) (envelope-from ralf-mardorf@riseup.net) Authentication-Results: mx1.freebsd.org; dkim=pass header.d=riseup.net header.s=squak header.b=tUpdqXyO; dmarc=pass (policy=none) header.from=riseup.net; spf=pass (mx1.freebsd.org: domain of ralf-mardorf@riseup.net designates 198.252.153.129 as permitted sender) smtp.mailfrom=ralf-mardorf@riseup.net Received: from fews01-sea.riseup.net (fews01-sea-pn.riseup.net [10.0.1.109]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mx1.riseup.net (Postfix) with ESMTPS id 4fVW7s3xTvzDq7f for ; Tue, 10 Mar 2026 10:58:17 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=riseup.net; s=squak; t=1773140297; bh=Y8xsJy9lp95Hhre0+OetYzeskUIPqwCo5GYRVf5laVA=; h=Subject:From:To:Date:In-Reply-To:References:From; b=tUpdqXyO60uVdolRPCz+hHY16uOlMFbrzi1hYthmAcsDo+0NehYQodr5VYkknbPyD 1JCryoMbXVNE4yPRbd4dmrZdYABntbNi9kvXQ5W793tswaIalS2irWaI4fu2Pf6bFO 2ELw/P4o83muvzADg+wRo9ZV2aGrIWQ3lgfVeNzQ= X-Riseup-User-ID: 9870298EC8384C34ACAE415E6E65D5E3A38762CF778B8C74EB4AE2363C3F71C3 Received: from [127.0.0.1] (localhost [127.0.0.1]) by fews01-sea.riseup.net (Postfix) with ESMTPSA id 4fVW7d6q7vz1yr0 for ; Tue, 10 Mar 2026 10:58:05 +0000 (UTC) Message-ID: <3105f794d447dc82d8257398c596fc95a76d8a8b.camel@riseup.net> Subject: Re: parental control app for open-source desktop From: Ralf Mardorf To: questions@freebsd.org Date: Tue, 10 Mar 2026 11:57:59 +0100 In-Reply-To: <6cf35f44ca26ae36c58cd9c4741893d1e595cc69.camel@riseup.net> References: <177313800300.7.1513573913894866227.1220244090@passmail.net> <6cf35f44ca26ae36c58cd9c4741893d1e595cc69.camel@riseup.net> Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable List-Id: User questions List-Archive: https://lists.freebsd.org/archives/freebsd-questions List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: freebsd-questions@freebsd.org Sender: owner-freebsd-questions@FreeBSD.org MIME-Version: 1.0 X-Spamd-Result: default: False [-4.20 / 15.00]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_SHORT(-1.00)[-1.000]; DMARC_POLICY_ALLOW(-0.50)[riseup.net,none]; R_DKIM_ALLOW(-0.20)[riseup.net:s=squak]; R_SPF_ALLOW(-0.20)[+a:mx1.riseup.net:c]; MIME_GOOD(-0.10)[text/plain]; RCVD_IN_DNSWL_LOW(-0.10)[198.252.153.129:from]; RWL_MAILSPIKE_GOOD(-0.10)[198.252.153.129:from]; DKIM_TRACE(0.00)[riseup.net:+]; TO_MATCH_ENVRCPT_ALL(0.00)[]; RCVD_TLS_ALL(0.00)[]; RCPT_COUNT_ONE(0.00)[1]; ARC_NA(0.00)[]; RECEIVED_HELO_LOCALHOST(0.00)[]; FROM_HAS_DN(0.00)[]; MISSING_XM_UA(0.00)[]; ASN(0.00)[asn:16652, ipnet:198.252.153.0/24, country:US]; TO_DN_NONE(0.00)[]; RCVD_COUNT_TWO(0.00)[2]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; PREVIOUSLY_DELIVERED(0.00)[questions@freebsd.org]; MID_RHS_MATCH_FROM(0.00)[]; MLMMJ_DEST(0.00)[questions@freebsd.org]; RCVD_VIA_SMTP_AUTH(0.00)[]; DWL_DNSWL_NONE(0.00)[riseup.net:dkim] X-Rspamd-Queue-Id: 4fVW7t1t77z44R6 X-Spamd-Bar: ---- On Tue, 2026-03-10 at 11:49 +0100, Ralf Mardorf wrote: > On Tue, 2026-03-10 at 10:19 +0000, freebsd.tug890@passmail.net=C2=A0wrote= : > > so your children will not be able to activate DoH in their Web > > browsers >=20 > Good point! >=20 > In Firefox, Waterfox for example >=20 > Edit > Settings > Privacy & Security > Enable DNS over HTTPS using >=20 > [x] Off >=20 > It's not too hard to chooses anything else. >=20 > Ironically, I came across it some time ago for a completely different > reason. Until then, I hadn't realized what was going on. Maybe making the browser's config file (immutable and) only editable by root might (or might not) work, too.