On 8/27/19 10:03 AM, John Harris wrote:
On Tuesday, August 27, 2019 5:35:08 AM MST Robert Marcano wrote:
On 8/27/19 8:18 AM, mcatanzaro@xxxxxxxxx wrote:
On Tue, Aug 27, 2019 at 2:37 PM, Iñaki Ucar <iucar@xxxxxxxxxxxxxxxxx>
wrote:
There's no need to write "a new style of firewall". It would be as
easy as asking the user once whether a new connection is trusted or
not. That's it.
But, well, how do you do that? What do you show to the user?
Maybe, now that NetworkManager implements now its own DHCP client, if
the IP received is not an private address (RFC 1918 for IPv4, some other
consideration should be done for IPv6), Notify the user the connection
is in a secure mode with an option to disable the secure, temporarily or
permanently
That wouldn't work. If you hop on public wifi, your IP will most likely be in
a private rang, which would be wide open under this proposal.
Any new Wifi connection could be identified by their SSID, so it could
still be secure by default and ask for that specific connection to be
opened because you trust them. As I proposed on another email, bring
back the NetworkManager zones UI to GNOME Settings, simplified with
being an option to confine that connection to the public zone.
The problem of identifying wired connections still remains and needs
more thinking.
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
