Am 15.04.2014 11:32, schrieb drago01: >> do "we" really want to go the way of dangerous defaults without > > ... "dangerous" ? > > So install the workstation package set. Boot it up. Disable the firewall. > Which kind of vulnerabilities are able to find? Which ports are > accessible? Avahi at least > What can you do with them? that will the time tell you after there where security flaws nobody expected before when it is too late - it is somehow pervert to argue that way and make proposals to weaken the default security exactly one week after "Heartbleed" "what can you do with them" if it comes to security is the wrong question - what can you not do with them and how do you prove that would be the right question not a single security flaw in the past yeas was expected and now instead learn of them we disable security layers? short ago it was proposed "drop tcpwrapper from the distribution because there is a firewall and we should rely on a sinle layer of defense" followed directly by "oh and now let us disable that security layer in a default install" to make it clear: myself is not affected by such things but it scares me because i have to fight as server-admin with the impact of dumb security decisions and the resulting botnets and yes you have to be very careful with "but we are not vulerable like this and that" because that's the first step to fall hard
Attachment:
signature.asc
Description: OpenPGP digital signature
-- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
