On Thu, 18 Jun 2009, Martin Langhoff wrote:
On Sun, Jun 14, 2009 at 8:08 PM, Lennart Poettering<mzerqung@xxxxxxxxxxx> wrote:
Gah. Allowing packages to pierce the firewall just makes the firewall
redundant.
True
A firewall is an extra layer of security that
simply hides the actual problem.
Um!? Layered security is a _good thing_. *All* the network daemons in
Fedora today have had bugs reported. I pretty much want to have that
extra layer hiding actual problems :-)
agreed. The point of the firewall is that some tools are not a good idea
to expose to the whole world. Waiting for every daemon to be perfect or
allowing them to run exposed to find bugs by having people's systems get
cracked is not good or appropriate behavior for any distro.
the default firewall needs to stay, imo.
Having better tools for configuring it is a good idea, but disabling it is
not a solution of any kind.
-sv
--
fedora-devel-list mailing list
fedora-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-devel-list
