Am 15.04.2014 15:59, schrieb Michael Catanzaro: > On Tue, 2014-04-15 at 14:35 +0200, Zbigniew Jędrzejewski-Szmek wrote: >> What needs to be done to improve the firewall integration? >> >> Zbyszek > > The rule in the Workstation technical spec is: "A firewall in its > default configuration may not interfere with the normal operation of > programs installed by default." [1] There's a discussion on the desktop > list beginning at [2] that has some brainstorming and explanation as to > why this would be hard. > > [1] > https://fedoraproject.org/wiki/Workstation/Technical_Specification#Firewall > > [2] > https://lists.fedoraproject.org/pipermail/desktop/2014-February/009142.html that is all fine, but throw away security because it stands in the way of comfort is a terrible step - security *always* will affect usability - you can't have both perfect, never but if you drop security for usability in 2014 after the last 3 years clearly showed that any application and library out there was multiple vulerable in unexpected ways you will not do a favour to your users and the possible damage to the project if it comes to mass security flaws in "Fedora Workstation" setups a few months after it's first release can never be repaired if i say never then i mean never having press articles with "this and that happened because they dropped the firewall for more comfort" leaves a bad taste for the future - and not only for the Workstation, also for other products and the distribution because it is a hint for a general attitude that security no longer counts - frankly that can even damage other distributions "Linux goes the same way of unsecure defaults"
Attachment:
signature.asc
Description: OpenPGP digital signature
-- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
