Re: [EXT]Re: Fedora Workstation and disabled by default firewall

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

I don't see how that answer makes the users life any easier. Now rather than having to intentionally configure the firewall the user has to add flags or config options to listen on additional ports. It is just replacing one complexity with another.
The current behavior, in an effort to make casual users lives easier by disabling the firewall has gone ahead and intentionally made them less secure, which I would consider far worse.
A user with a service that isn't functioning as expected can use Google or read documentation to determine why, whereas a user who doesn't even know their system has been left intentionally less secure will simply be left none the wiser, possibly until it's too late. 

On 8/26/19 10:23 AM, Anderson, Charles R wrote:

Perhaps VNC should default to listing only on the loopback interface.

On Mon, Aug 26, 2019 at 08:55:59AM -0400, Jason Montleon wrote:

Imagine starting up VNC, having no intention of opening port 59xx, and
intending to use SSH tunneling to connect to the service.

You think you're being more diligent only to later find out the service
is actually exposed by the default firewall policy.

On 8/26/19 8:46 AM, Artem Tim wrote:

completely disabled by default (opened all ports 1025-65535) on Fedora Workstation?


Not completely. Completely when from 1 to 65535. :)

_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx



--
Jason Montleon     | email: jmontleo@xxxxxxxxxx
Software Engineer  | gpg key: 0x069E3022
Red Hat, Inc.      | irc: jmontleo
desk: 978-392-3930 | cell: 508-496-0663
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Users]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]

  Powered by Linux