On Tue, 27 Aug 2019 at 09:40, <mcatanzaro@xxxxxxxxx> wrote: > > If there is a separate team of firewall developers that would be interested in writing a new style of firewall, then I'm sure the WG would be happy to reopen discussion of the issue, including a discussion of requirements, etc. But I highly doubt anybody will be interested in this effort to reenable a stricter firewalld configuration. This doesn't seem like a serious effort to think about how a firewall could be useful, it just seems like an effort to break software. There's no need to write "a new style of firewall". It would be as easy as asking the user once whether a new connection is trusted or not. That's it. Users would be one click away of the same functionality they have now in trusted networks (everything just works) and would be otherwise protected in untrusted networks. Network zones was one huge step towards a great trade-off between usability and security. Opening almost all ports by default is two steps backwards. Iñaki _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
