Re: "Workstation" Product defaults to wide-open firewall

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 12/08/2014 12:51 PM, Bastien Nocera wrote:



----- Original Message -----



Am 08.12.2014 um 12:34 schrieb Bastien Nocera:

Am 08.12.2014 um 11:45 schrieb Bastien Nocera:

Well, I'll understand these aspects.

But when I think about Linux, especially about Fedora, I'm thinking
about the freedom to make decisions. This means to me, to customize
and take advantage of my computer and in this case my operating
system.


You're free to select another firewall zone


so why do you not make secure defaults and say "You're free to select
another (more unsecure) firewall zone"?


1) It is secure enough and Eclipse listening to a port by default is a
bug
(and I have the firewall specialists at Red Hat/Fedora to back me up)


I have Eclipse open and it's not listening to a port AFAIKT. I wonder what
obscure plugin is installed in Eclipse to make this happen.


Thanks for following up Aleksandar. Hopefully Reindl will let us know about
that
so the bug can be fixed.


* first: it is not a Fedora package
* second: it does not matter

fixing applications to work around harmful firewall settings is the
wrong direction - the *purpose* of a firewall is to *protect* against
such things and i really don't get why this needs to be explained
multiple times


Security is about compromises. The net result of the old firewall settings
was people disabling the firewall.



The new firewall settings were vouched for
by the firewalld folks, and provide good defaults for most users.
This is wrong and you know about that - the firewalld folks have been urged to use this zone for the Workstation product - it was a Workstation team decision. 


that's the same as drive a car on the street, facing another driver
ignoring his red light and instead try to stop your car just say "he is
wrong and i am allowed to drive"

a sensible reaction would be stop, call the others names and live
the ignorant reaction would be get killed but be right at it


I can't parse that, sorry. Looks like a strawman.


--
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux