Re: Removing firewall-config from the default install of Fedora Workstation

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] 

On Fri, Aug 22, 2014 at 4:33 PM, Josh Boyer <jwboyer@xxxxxxxxxxxxxxxxx> wrote:
> On Fri, Aug 22, 2014 at 10:12 AM, Michael Catanzaro
> <mcatanzaro@xxxxxxxxx> wrote:
>>> I would personally strongly recommend to keep the firewall
>>> configuration
>>> utility in Fedora Workstation to allow server application developers
>>> and
>>> also others to have an easy way to configure their firewall settings
>>> according to their needs.
>>
>> I don't think firewall-config is even remotely close to an easy way to
>> configure firewall settings. It's obviously a tool intended for advanced
>> users only, which is why we suggest removing it -- we're trying really
>> hard to get rid of anything that requires technical expertise to use.
>> But it's possible that we may want to make an exception for
>> firewall-config.
>>
>> I'm not sure how to make firewall configuration easy, and I suspect it
>> may not be possible, but you'd have to start with removing all mention
>> of ports ("my computer only has six ports!") and services ("why is http
>> not checked, that must by why my Internet is broken") ("AMANDA! What is
>> this amanda-client you're running on my network!"). I guess an easy
>> firewall configuration tool would be a list of applications with an on
>> or off switch to configure whether that application should be allowed to
>> access the network. That's the sort of firewall configuration I would be
>> more enthusiastic to install by default, but that would not be useful at
>> all for developers.
>
> Slightly orthogonal, but the original discussion wasn't about specific
> ports/apps but more about what to do when a user switches from one
> network to another.  firewalld-config has the concept of zones for
> this, but the UI isn't immediately clear.  I thought someone was
> looking at making changes in GNOME and/or NetworkManager to prompt for
> a "security level" etc.  What happened to that work?

https://wiki.gnome.org/ThreePointThirteen/Features/SharingNetworkAwareness
-- 
desktop mailing list
desktop@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/desktop
[Index of Archives]     [Fedora Users]     [Fedora KDE]     [Fedora Announce]     [Fedora Docs]     [Fedora Config]     [PAM]     [Red Hat Development]     [Red Hat 9]     [Gimp]     [Yosemite News]

  Powered by Linux