----- Original Message ----- > From: "Lennart Poettering" <mzerqung@xxxxxxxxxxx> > To: "Discussions about development for the Fedora desktop" <desktop@xxxxxxxxxxxxxxxxxxxxxxx> > Sent: Wednesday, February 19, 2014 6:57:57 PM > Subject: Re: technical spec for the workstation up for review > > On Wed, 19.02.14 12:40, Bastien Nocera (bnocera@xxxxxxxxxx) wrote: > > > > > > > ----- Original Message ----- > > > Hi, > > > I ended up calling the firewalld maintainer to understand the state of > > > things > > > and there is this concept in firewalld called zones that we should be > > > able to > > > use to create a better user experience, yet at the same time keep the > > > firewall > > > working when people connect with their laptop at an internet cafe for > > > instance. > > > > Right. But firewalld can't a Fedora-only solution, otherwise no application > > developer > > will want to integrate with it. > > > > We'd also need designs based around that, and see if firewalld is indeed > > the right > > technical solution. > > > > Right now, we don't even know whether a firewall is required, or it's just > > a > > work-around for applications that aren't integrated. > > I fully agree with Bastien here. I don't think a firewall brings any > benefit on th desktop, and particularly not in the implementation of > firewalld. There are better ways to make sure the local system is not > vulnerable, and in its current state firewalld just creates problems and > slows down the boot immensly (it's the number 1 slowest component on > Fedora, right now.) > > Lennart > Well they are re-implementing firewalld in C++ now, so hopefully the new implementation will be less slow on boot. Christian -- desktop mailing list desktop@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/desktop
