On Mon, Dec 06, 2010 at 03:25:30PM -0800, Jesse Keating wrote: > On 12/06/2010 12:18 PM, Tom Lane wrote: > > Jesse Keating <jkeating@xxxxxxxxxx> writes: > >> The argument of default firewall or not would probably quiet down quite > >> a bit if we had any sort of decent UI to help users get the firewall out > >> of their way when they're really trying to do something. > > > > +1. In today's environment, not having a firewall by default is an > > incredibly stupid idea. What we need to do is fix the UI problems, > > not bypass them by dramatically reducing security. > > > > regards, tom lane > > I keep seeing claims of "incredibly stupid", and at the same time saying > we need to make it easier to open up ports when they need them. What is > the default firewall protecting me from, if I'm allowed and hand held > through opening up ports on demand? There's also more to life than TCP ports. UDP ports, ICMP, other protocols, other unrecognized protocols, packets containing completely random stuff ... Having a firewall that lets through every TCP port does still give you protection from this other stuff. Rich. -- Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones New in Fedora 11: Fedora Windows cross-compiler. Compile Windows programs, test, and build Windows installers. Over 70 libraries supprt'd http://fedoraproject.org/wiki/MinGW http://www.annexia.org/fedora_mingw -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
