This would be a good topic for the retrospective, I think. https://fedoraproject.org/wiki/Fedora_21_Retrospective#Could_have_been_better ;-) In my specific case, 'firewall-cmd --set-default-zone=public' in my kickstart file makes this issue go away. On Mon, Dec 8, 2014 at 2:54 PM, Alec Leamas <leamas.alec@xxxxxxxxx> wrote: > On 08/12/14 16:33, Matthew Miller wrote: >> >> On Mon, Dec 08, 2014 at 02:31:58PM +0000, Ian Malone wrote: >>> >>> There are three products: workstation, server, cloud. Workstation is >>> the one for desktop use. That leaves server to aim for the traditional >>> fedora user base, since cloud is (understandably) a very different >>> thing. So if you want a desktop system with a security focus where do >>> you look now? >> >> >> So, it's important to understand — here on the devel list, certainly — >> that these three are part of a marketing strategy, and in order for >> such a thing to be effective and not just fluffy talk, it does involve >> technical changes to match the plan. > > > I have no problems with this. However, besides the technical/marketing > trade-offs, here is also a process issue. Obviously, a lot of people were > surprised by Kevin's finding that the workstation firewall was default open > for ports > 1024. > > Tracking this issue back we find [1] where the workstation group tried to > just disable the firewall. This started some threads. FESCO rejected the > change request. > > For me, this issue then disappeared from my radar. It seems that after FESCO > turned down the wide-open system option the discussion was in the > workstation list, where they ended up opening all user ports (?) and > implemented this. > > When a lot of people are surprised, isn't that a sign of a process problem? > Should we try to avoid surprises like this?. If so, how? > > (I'm not trying to be argumentative or to blame anyone; if my pidgin English > gives that impression please ignore it). > > > Cheers! > > --alec > > > > [1] https://fedorahosted.org/fesco/ticket/1301 > > -- > devel mailing list > devel@xxxxxxxxxxxxxxxxxxxxxxx > https://admin.fedoraproject.org/mailman/listinfo/devel > Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct -- Twitter: http://twitter.com/znmeb; OSJourno: Robust Power Tools for Digital Journalists https://osjourno.com Remember, if you're traveling to Bactria, Hump Day is Tuesday and Thursday. -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
