Hello,
2014-04-15 16:28 GMT+02:00 Christian Schaller <cschalle@xxxxxxxxxx>:
"Oversharing on a public network" absolutely is a security issue. Heartbleed is exactly that, "oversharing" and nothing more!2014-04-15 16:28 GMT+02:00 Christian Schaller <cschalle@xxxxxxxxxx>:
----- Original Message -----
> From: "Reindl Harald" <h.reindl@xxxxxxxxxxxxx>
> To: devel@xxxxxxxxxxxxxxxxxxxxxxx
> Sent: Tuesday, April 15, 2014 11:40:20 AM
> Subject: Re: F21 System Wide Change: Workstation: Disable firewall
>
>
> Am 15.04.2014 11:32, schrieb drago01:
> > On Tue, Apr 15, 2014 at 11:18 AM, Reindl Harald <h.reindl@xxxxxxxxxxxxx>
> > wrote:
> allow any random application to open a unprivliegedWe already allow that and have for a long while. Any application bothering to support the firewalld dbus interface can open any port
> port which is reachable from outside is dangerous
>
they wish to.
We don't, actually. Only applications running in a session of a member of the wheel group would have that right, and those applications are pretty much root-equivalent anyway. (Many GNOME users probably use such a setup, but it's not at all the only one possible.)
The thread discussing this ended up with mostly being a discussion if the firewall would be a useful way to help users from accidentally
oversharing on a public network. Which is important and something we want to work on, but a lot less so than security issues.
Mirek
-- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
