On Sun, Jun 14, 2009 at 20:08:31 +0200, Lennart Poettering <mzerqung@xxxxxxxxxxx> wrote: > > enabled by default, like we currently do. If an application cannot be > trusted then it should not be allowed to listen on a port by default > in the first place. A firewall is an extra layer of security that > simply hides the actual problem. The point of the firewall is to block connections to services that are only supposed to be connected from trusted locations. This may be things you are testing, don't intend to be running, don't bind to 127.0.0.1 instead of 0.0.0.0, even though they are intended to be accessed from the local machine, or services that you only want to accept connections from a white list of IP addresses. -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
