Re: F21 System Wide Change: Workstation: Disable firewall

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 






----- Original Message -----
> From: "Stephen Gallagher" <sgallagh@xxxxxxxxxx>
> To: devel@xxxxxxxxxxxxxxxxxxxxxxx
> Sent: Tuesday, April 22, 2014 1:40:05 PM
> Subject: Re: F21 System Wide Change: Workstation: Disable firewall
> 
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> On 04/22/2014 05:43 AM, Christian Schaller wrote:
> > 
> > 
> > 
> > 
> > ----- Original Message -----
> >> From: "Thomas Woerner" <twoerner@xxxxxxxxxx> To:
> >> devel@xxxxxxxxxxxxxxxxxxxxxxx Sent: Tuesday, April 22, 2014
> >> 11:23:46 AM Subject: Re: F21 System Wide Change: Workstation:
> >> Disable firewall
> >> 
> >> On 04/21/2014 12:22 AM, drago01 wrote:
> >>> On Mon, Apr 21, 2014 at 12:02 AM, Reindl Harald
> >>> <h.reindl@xxxxxxxxxxxxx> wrote:
> >>> 
> >>>> * there are network services enabled by default
> >>> 
> >>> Again that's a bug and a viloation of the guidelines. Which
> >>> services are you talking about? Please file bugs.
> >>> 
> >>>> * avahi is one of them
> >>> 
> >>> You keep listing this as an example but avahi is not only
> >>> installed and enabled by default but also allowed configured to
> >>> work in the default firewall setup since F18 [1] ...
> >>> 
> >>> So the current default firewall won't protect you against avahi
> >>> flaws.
> >>> 
> >> This has been added only because of a FESCo decision:
> >> 
> >> https://fedoraproject.org/wiki/Features/AvahiDefaultOnDesktop
> >> 
> > 
> > Thank you for digging that ticket up Thomas. I think that ticket
> > mentions something maybe a bit overlooked in this thread so far,
> > "Real world security". I recommend everyone following this thread
> > to watch this video of a talk by Russ Doty from Red Hat at this
> > years DevConf in Brno.  His talk is about real world security,
> > especially in the context of enterprise computing, but the issues
> > he articulate forms the underlaying challenges of this thread too.
> > 
> > I think if everyone here see this talk we could hopefully move this
> > thread into a more constructive format.
> 
> 
> Since you missed the link: https://www.youtube.com/watch?v=jYGgVUYjXQ8

oops, thanks for that, I had the link ready to be pasted, but forgot to actually
paste it :)

Christian
-- 
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct





[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux