Re: Networking and the firewall (Was Re: Isn't it time for the encrypted file system???)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue, Mar 28, 2006 at 09:51:29AM +0200, Alexander Larsson wrote:
> I must say I'm slightly bothered by the "lets have the apps punch holes
> in the firewall" approach. If any app can open holes in the firewall,
> what use is the firewall then? It will only be protecting ports that no
> application is listening too.

The proposal I made (umm dig, dig deep through archives  4 years ago) was
that the firewall tool has an interface allowing applications to add holes
and to deal with holes but that the config tool for the app would always
ask when it seemed relevant

	eg

		You have just enabled network printing
		Currently your firewall only permits local
		access for printing

		Would you like to configure the firewall
		to allow network printer access

		Allow All	Customize	Deny All


And also use the same hooks so that rpm -e deinstalls the firewall hole and
closes it.

Punching holes in general otherwise is dangerous.


[Index of Archives]     [Fedora Users]     [Fedora Development]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]

  Powered by Linux