On Sun, Sep 1, 2019 at 7:16 AM <mcatanzaro@xxxxxxxxx> wrote: > > On Sat, Aug 31, 2019 at 6:37 PM, Nico Kadel-Garcia <nkadel@xxxxxxxxx> > wrote: > > If 30 years in DevOps and system security in both large and small > > networks count for anything, this makes *complete* sense. The > > distinction between a "Workstation" deployment and a "Server" or > > "Everything" deployment should not include leaving the Workstation > > completely vulnerable to the most casual script kiddie attacks after > > they install *any* services, especially including MySQL, DNS, Samba, > > or Tomcat, Jenkins, or anything else. > > Well that's why installed network services are disabled by default in > Fedora, unless the package receives an exception from FESCo. This isn't > Debian where installing a package is expected to result in the service > being up and running. If you 'systemctl start' your service and the > firewall breaks it, that's just annoying. > > Michael There is "annoying", and there is "dangerously exposing your host" while you're first learning about the service. I'd encourage leaving the training wheels on until the service administrator can bother to learn about firewalls and take off the training wheels. _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
