Am 22.12.2014 um 10:10 schrieb drago01:
On Mon, Dec 22, 2014 at 9:26 AM, Björn Persson <Bjorn@rombobjörn.se> wrote:Stephen John Smoogen wrote:Uhm no. You seem to be wanting a fight over something, and I have no mood to engage. I hope you have a more pleasant holidays than what your tone indicates you are currently having.The idea of making two calls to open a port seemed like a bad design to me, so I proposed what seemed like a better design.FWIW we already have a mechanism to restricts which ports specific applications are allowed to open without using firewalld at all. Its called "SELinux" (only works for confined domains but server applications should run in one anyway)
that don't solve the "firewall open on ports greater than 1024" on workstations starting with F21 as long as you don't forbid *any* application without a SELinux context to open a non-privileged port
Attachment:
signature.asc
Description: OpenPGP digital signature
-- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
