Am 08.12.2014 um 17:17 schrieb Bastien Nocera:
Am 08.12.2014 um 17:10 schrieb Bastien Nocera:Security is about compromises. The net result of the old firewall settings was people disabling the firewall.And the net result of the new firewall settings is you disabling the firewall for them,It's not disabledit is practically the only port unprivileged code can listen on is > 1024, you opened thatThe new firewall settings essentially amount to disabling the firewall.It doesn'tit does the only port unprivileged code can listen on is > 1024, you opened thatAnd you're not interested in protecting any of the services running as root?
noah stop that polemic i know /etc/services and hence i am interested in protecting *any port* period - end of discussion - we will never agree and thankfully i gaveup maintaining any enduser machine years ago because i had enough of the out-of-the-box security problems on windows systems and god bless that i never started to recommend anybody use whatever OS
the machines i have to bother about are secured*but* be sure that discussion is bookmarked if we read soon about damage done by careless defaults to users which thought they can trust their operating system in a default setup
Attachment:
signature.asc
Description: OpenPGP digital signature
-- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
