Re: Fedora Workstation and disabled by default firewall

On Friday, August 30, 2019 12:35:34 PM MST mcatanzaro@xxxxxxxxx wrote:
> On Wed, Aug 28, 2019 at 7:46 PM, Christopher 
> <ctubbsii@xxxxxxxxxxxxxxxxx> wrote:
> 
> > Yeah, I also don't want a complicated installer. I just don't see this
> > disagreement going anywhere without some sort of compromise, and I
> > can't think of any others that will satisfy people. I think there's a
> > good chance this could be implemented without much complexity, though.
> > Thank you for giving the idea at least a little consideration, though,
> > and not outright dismissing it.
> 
> 
> The potential compromise I see might involve exposing firewall zones in 
> some well-considered and thoughtful way, including a rethink of what is 
> blocked and allowed by the zones, and an understanding of what the goal 
> of having each zone is. That would have to be done in both gnome-shell 
> and gnome-control-center, and it'd need to receive buy-in from relevant 
> designers and developers.
> 
> Such an effort would need to be undertaken by developers who understand 
> and accept a requirement to not break installed applications or 
> services, to not expect users to be capable of editing firewall rules, 
> and to not require the installation of a firewall GUI application that 
> exposes technical details like ports. It would also need to firmly 
> reject the assumption that users know (or even that users *should* 
> know) the difference between a TCP port and a USB port. Otherwise, the 
> gulf between the two sides here is just too great, and there's no hope 
> for a useful discussion or compromise. But if these requirements are 
> OK, maybe we can agree on something.
> 
> The work would need to be undertaken by people actually interested in 
> the problem. Expecting existing Workstation developers to work on this 
> is not likely to turn out well, since we're busy, and I think most of 
> us are already OK with the status quo.
> 
> It'd also be helpful to get beyond this security myth that having a 
> firewall is somehow essential to have a secure workstation. I'm firmly 
> convinced this is not the case, and I'm unpersuaded by most of the 
> comments in this thread that assume otherwise. The best argument I've 
> seen so far in favor of a firewall was accidentally sharing your 
> Rhythmbox media library on a public network, so focusing on that or 
> similar issues would be helpful. Unplugging from trusted "wired 
> connection 1" (e.g. a home router) and plugging into a different 
> untrusted "wired connection 1" (e.g. a modem) is another good example 
> from this thread of where mistakes can currently occur. We probably 
> shouldn't allow users to share media on a network where the user has a 
> public IP, for instance. But just repeatedly claiming that a firewall is 
> essential for security isn't going to impress me.
> 
> Iñaki seems to be batting in this direction with the issues he's 
> filed. His approach seems constructive to me. I fear it might be easy 
> to have missed his comment in this noisy thread.
> 
> Michael

Several things.

One, running with a firewall that blocks incoming connections from external 
hosts doesn't break any known software in Fedora. If it does, please let me 
know, as that's highly unusual, and certainly cause for concern.

I don't believe we need to wait for the DE to catch up in terms of security in 
order to set a default firewall zone of something more safe. If the end user 
is planning on running a network service, especially something which is not 
part of GNOME, I can't see any reason that it should be in the default 
firewall zone, nor can I see any reason that it needs to be opened for the 
user, the system simply making assumptions about what they intend to do. When 
an end user chooses to run a network service, they should definitely be making 
a conscious decision to open that port to their given network, unless they've 
changed the firewall zone.

Port numbers are not "technical data". Seriously, they're not. I have no idea 
where you're getting that from, because port numbers are important to know if 
you intend to connect to anything. The only ones they, for the most part,
wouldn't need to know in order to connect are: http, https, ssh.

Holy cow, they definitely should know that there is a MAJOR difference between 
a TCP port and a USB port. One of these is a number used to identify the 
service you want to connect to on a remote host. The other is a physical port 
for local devices. When remote devices are involved, things are very 
different.

Having a firewall is absolutely essential, ESPECIALLY if you expect that your 
users don't know what a firewall is, or even what a port number is.

Additionally, you have no real way of knowing what a "public IP" is. You can 
have a 10.0.0.0/8, 172.16.0.0/12 or 192.168.0.0/16 IP address and still be on 
a public network.

-- 
John M. Harris, Jr. <johnmh@xxxxxxxxxxxxx>
Splentity
https://splentity.com/

_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx