On 8 December 2014 at 12:02, Aleksandar Kurtakov <akurtako@xxxxxxxxxx> wrote: > ----- Original Message ----- >> From: "Reindl Harald" <h.reindl@xxxxxxxxxxxxx> >> To: devel@xxxxxxxxxxxxxxxxxxxxxxx >> Sent: Monday, December 8, 2014 1:26:29 PM >> Subject: Re: "Workstation" Product defaults to wide-open firewall >> >> >> >> Am 08.12.2014 um 12:22 schrieb Bastien Nocera: >> >> Am 08.12.2014 um 11:45 schrieb Bastien Nocera: >> >>>> Well, I'll understand these aspects. >> >>>> >> >>>> But when I think about Linux, especially about Fedora, I'm thinking >> >>>> about the freedom to make decisions. This means to me, to customize >> >>>> and take advantage of my computer and in this case my operating system. >> >>> >> >>> You're free to select another firewall zone >> >> And free to move to another distro of course. >> >> so why do you not make secure defaults and say "You're free to select >> >> another (more unsecure) firewall zone"? >> > >> > 1) It is secure enough and Eclipse listening to a port by default is a bug >> > (and I have the firewall specialists at Red Hat/Fedora to back me up) >> > 2) Good defaults >> >> again: the *purpose* of a Firewall is to protect from application bugs >> or unintentional user faults - frankly the early KDE4 setups in 2008 had >> a ton of 0.0.0.0 listenining high ports, that where indeed a bug and >> hence a firewall to protect the user against such bugs >> >> it is not a bug that "ZendStudio" is listening on a high UDP port for >> license verification (only one instance in the same network via broadcasts) >> >> it is intentional by the software > > I'm not going to comment what is good, what is intentional and etc. > All I'm asking for is for precise wording aka when something is done by ZendStudion or any other Eclipse plugin is to name it unless it's something that Eclipse Platform/RCP does. > As both Fedora and upstream Eclipse platform developer I really care about negative press we get because of such statements. "Eclipse listens on some port by default" translates into "Eclipse is insecure" and etc. is entirely not-true. We have a very strict privacy policy (http://www.eclipse.org/legal/privacy.php and http://wiki.eclipse.org/Policies/Uploading_and_Downloading_from_Eclipse_Software_Policy) so I sincerely ask people to not spread false statements like the one. > Well, it's in your hands now, and every application developer's hands, if RH is going to be turning the default firewall off. -- imalone http://ibmalone.blogspot.co.uk -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
