Hello,
2014-04-15 11:01 GMT+02:00 Jaroslav Reznik <jreznik@xxxxxxxxxx>:
2014-04-15 11:01 GMT+02:00 Jaroslav Reznik <jreznik@xxxxxxxxxx>:
= Proposed System Wide Change: Workstation: Disable firewall =
https://fedoraproject.org/wiki/Changes/Workstation_Disable_Firewall
== Detailed Description ==
The current level of integration into the desktop and applications does not
justify enabling the firewalld service by default.
This line of argument doesn't make any sense to me. Enabling a firewall is justified by needing a firewall, not any kind, or level, of integration into other software.
Therefore,
we will disable the firewall service while we are working on a more user-
friendly way to deal with network-related privacy issues.
(combined with...)
== Benefit to Fedora ==
The Workstation will boot faster, and the firewall will not interfere with sharing protocols such as DAAP, UPnP and others.
So this actually means "we will disable the firewall, explicitly intending to allow exposing user's data over DAAP and the like", now, and "be working on... the privacy issues" [not as a part of this Change], i.e. later?
I do hope I'm misunderstanding the proposal, because this reads like a highly irresponsible and completely unacceptable transition plan. If the users needs to share data and have control over whether/how it is shared, we just can't take away that control now, and promise to return it sometime later[1].
(I could actually see a good case for not having a restrictive firewall on the Workstation by default, assuming some conditions were met; but if the explicit intent is to give up on users' control over their data like that, there's really no point in discussing the detailed requirements because the underlying intent is unacceptable and needs to be revisited.)
Mirek
[1] Actually, we can't even credibly promise to return it later—if we haven't had time or interest to develop the better controls now, why should the users trust us that we'll develop them later when without the firewall "things work correctly for the intended use case" and the work on better firewall integration is now even less urgent?
[1] Actually, we can't even credibly promise to return it later—if we haven't had time or interest to develop the better controls now, why should the users trust us that we'll develop them later when without the firewall "things work correctly for the intended use case" and the work on better firewall integration is now even less urgent?
-- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
