Re: "Workstation" Product defaults to wide-open firewall

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Bastien Nocera wrote:
> Security is about compromises. The net result of the old firewall settings
> was people disabling the firewall.

And the net result of the new firewall settings is you disabling the 
firewall for them, and also for all those people out there (like me) who 
were NOT disabling the firewall. (Thankfully, I'm not using the GNOME 
Workstation, nor firewalld (but the old iptables.service), so I won't get 
this "improvement".)

> The new firewall settings were vouched for by the firewalld folks, and
> provide good defaults for most users.

The new firewall settings essentially amount to disabling the firewall.

The only ports they protect are those controlled by root anyway, and there 
is nothing listening on those ports by default (except SSH, which your 
firewall rules also let through, but that was already the case before).

        Kevin Kofler

-- 
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux