----- Original Message ----- > From: "Thomas Woerner" <twoerner@xxxxxxxxxx> > To: devel@xxxxxxxxxxxxxxxxxxxxxxx > Sent: Tuesday, April 22, 2014 11:23:46 AM > Subject: Re: F21 System Wide Change: Workstation: Disable firewall > > On 04/21/2014 12:22 AM, drago01 wrote: > > On Mon, Apr 21, 2014 at 12:02 AM, Reindl Harald <h.reindl@xxxxxxxxxxxxx> > > wrote: > > > >> * there are network services enabled by default > > > > Again that's a bug and a viloation of the guidelines. Which services > > are you talking about? > > Please file bugs. > > > >> * avahi is one of them > > > > You keep listing this as an example but avahi is not only installed > > and enabled by default > > but also allowed configured to work in the default firewall setup > > since F18 [1] ... > > > > So the current default firewall won't protect you against avahi flaws. > > > This has been added only because of a FESCo decision: > > https://fedoraproject.org/wiki/Features/AvahiDefaultOnDesktop > Thank you for digging that ticket up Thomas. I think that ticket mentions something maybe a bit overlooked in this thread so far, "Real world security". I recommend everyone following this thread to watch this video of a talk by Russ Doty from Red Hat at this years DevConf in Brno. His talk is about real world security, especially in the context of enterprise computing, but the issues he articulate forms the underlaying challenges of this thread too. I think if everyone here see this talk we could hopefully move this thread into a more constructive format. Christian -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
