On Tuesday, August 27, 2019 6:06:24 AM MST Jiri Eischmann wrote: > mcatanzaro@xxxxxxxxx píše v Út 27. 08. 2019 v 15:07 +0300: > > > On Tue, Aug 27, 2019 at 4:22 AM, John Harris <johnmh@xxxxxxxxxxxxx> > > wrote: > > > > > No, that is not how this works, at all. First, let's go ahead and > > > address the > > > idea that "if the firewall blocks it, the app breaks, so it's the > > > firewall's > > > fault": It's not. If the firewall has not been opened, that just > > > means it > > > can't be accessed by remote systems until you EXPLICITLY open that > > > port, with > > > the correct protocol, on your firewall. That's FINE. That's how > > > it's designed > > > to work. There's nothing wrong with that. > > > > > > This means that the system administrator (or owner, if this is > > > some > > > individual's personal system) must allow the port to be accessed > > > remotely, > > > before the app can be reached remotely, increasing the security of > > > the system. > > > > > > You've already lost me here. Sorry, but we do not and will not > > install a firewall GUI that exposes complex technical details like > > port numbers. Expecting users to edit firewall rules to use their > > apps is ridiculous and I'm not really interested in debating it. > > > Yeah, when you ask users questions they're not qualified to answer, > you're just creating bad design. > I always imagine my mom (who BTW has been a Fedora user for years) how > she'd deal with that and I can't really imagine her opening/closing > firewall ports. She'd be puzzled even by "Do you trust this network?" > and would probably just click "Yes" to make it go away. No additional > security, just annoying UX. > > Jiri > _______________________________________________ > devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx > To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List > Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List > Archives: > https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx In that case, let me be clear: Users are NOT qualified to select the GNOME spin, as they don't even know it disables the firewall. This is why you'd just implement sane defaults like the KDE spin, instead of opening literally every port on the system to the world. -- John M. Harris, Jr. <johnmh@xxxxxxxxxxxxx> Splentity https://splentity.com/ _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
