Just forgot one detail here: if it becomes a rquirement that connections to services installed on Fedora Desktop are tunneled through SSH, I believe that this will create much more difficulties for users than managing a firewall would.
-- Peter (again-agan)
On Fri, Dec 12, 2014 at 8:28 PM, Peter Laursen <jazcyk@xxxxxxxxx> wrote:
I cannot figure out how to get access to the ticket. I am also not sure I am interested in yet another such account. I have more than enough accounts and subscriptions already spamming my mailbox. So I hope it is OK that I reply in this mail thread instead.If I understand the discussion, it was a decision in an early stage of Fedora 21 Desktop development that it should not have a User Interface for firewall configuration. And I think this is the basic problem and mistake. I cannot see how usability and security can be achieved at the same time without it Even though it is not a server platform, you may still want to run server programs on it (typicaly for access by other systems on local network). I can think of (at least):* a test or learning instance of any database server* all sorts of file servers* media streaming services.. and they will all require the port where the server listens to be open.I think a very simple User Interface for firewall configuration should be added. It could be as simple as just allowing for opening of specific ports. I also don't think it will cause problems. People can manage firewall(s) in Windows. Dont' assume that users are more helpless than they are (that is/was Ubuntu's mistake IMO).(and as a final remark the security issue is close to NULL for al the people running FD21 in a virtualized environment or behind a router. They will have the protection from the host OS or the router. But some people still use various types of modems and not routers of course)-- Peter--On Fri, Dec 12, 2014 at 3:09 PM, Paul W. Frields <stickster@xxxxxxxxx> wrote:FYI: https://fedorahosted.org/fesco/ticket/1372
When responding to this ticket, please keep the discussion impersonal
and objective as possible. We should plan to have a couple people at
the FESCo meeting next week if this is on the agenda.
--
Paul W. Frields http://paul.frields.org/
gpg fingerprint: 3DA6 A0AC 6D58 FEC4 0233 5906 ACDB C937 BD11 3717
http://redhat.com/ - - - - http://pfrields.fedorapeople.org/
The open source story continues to grow: http://opensource.com
--
desktop mailing list
desktop@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/desktopHilsen / Regards
Peter Laursen
Hilsen / Regards
Peter Laursen
Peter Laursen
-- desktop mailing list desktop@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/desktop
